Re: Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to beRE: I-D ACTION :draft-ietf-pkix-scvp-00.txt))



Ed,
>> Note: I deliberately excluded national ID-CAs who HAVE to verify absolute identity (which is
>> harder and harder to do with all paper-less refugees in Europe).
>
>The "harder and harder to do" is what makes a certificate not bind to a user -- and even
>if you have all proper papers in notarized copies you still do not know. And, BTW, just
>read any CA warranty and you will see they also do not know and they say so -- "NO
>WARRANTY, NO SUITABILITY OF PURPOSE".

Well, I don’t (unlike most other PKI-folks) believe that it is absolutely necessary
for the success of PKIs that CAs should be able to warrant and insure for all kinds of problems.

To me certificates should be compared to mechanical locks. A lock manufacturer usually
only guarantees that a lock is manufactured to conform to a certain industry-standard (CPS).
Not that the lock is guaranteed to protect values up to $1000000. There are exceptions but
then we are not talking mainstream. 

Regarding the binding, I believe that certificates and CAs make sense if the CA
can guarantee (with high but not unlimited probability) that an individual cannot
"borrow" another’s identity. This is certainly feasible, partly by using biometrics,
and is not terribly expensive either.
To nail down an individual’s true TRUE identity is NOT a requirement for employers, banks 
etc. as long as you perform according to their rules.  If an RP needs stronger proofs of
identity this may have to be carried out without the CA.

National CAs are exceptions that probably never will be mainstream (except MAYBE in countries
like Sweden with a long ID-card tradition).

Anders