[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Online PIN & Server Wallet

To: <set-discuss@xxxxxxxxxxxxxxxxxx>
Subject: RE: Online PIN & Server Wallet
From: "Lyal Collins" <lyalc@xxxxxxxxxxxxxx>
Date: Tue, 14 Dec 1999 11:23:46 +1100
Cc: <ietf-pkix@xxxxxxx>
Importance: Normal
In-reply-to: <>

I would have phrased it "control risk cost effectively".
AADS is the nearest I have seen to a cost effective PKI model, the rest cost
too much to implement and to operate.

Lyal

> -----Original Message-----
> From: Phillip M Hallam-Baker [mailto:pbaker@verisign.com]
> Sent: Tuesday, 14 December 1999 10:38
> To: Lyal Collins; set-discuss@lists.commerce.net
> Cc: ietf-pkix@imc.org
> Subject: RE: Online PIN & Server Wallet
>
>
>
> > Who cares about "not in the spirit of PKI"?
>
> > I want to see affordable implementations and affordable
> operational models
> > for PKI, otherwise, don't waste our time with it.
>
> I thought that was the spirit of PKI!
>
> If I get a bill from my telco it is the telco that is authenticating
> itself to me as a corporate entity, not Kent the Clerk.
>
> One of the problems with the endless (and more than tedious)
> discussions of
> non repudiation and biometrics that infest the list could be avoided if
> people would recognize that:
>
> 1) The objective is to _control_ risk. Eliminating every possible
> threat is
> 	not necessary to achieve that objective.
>
> 2) Non repudiation is not a binary property. It is not a question
> of having
> 	NR or not having it but one of degree.
>
> 3) Corporations do not have biometrics.
>
>
>
> 		Phill
>
>
>

References:
- RE: Online PIN & Server Wallet
  - From: Phillip M Hallam-Baker

Prev by Date: RE: Online PIN & Server Wallet
Next by Date: RE: Q: Are repeated OIDs allowed in the AIA extension?
Previous by thread: RE: Online PIN & Server Wallet
Next by thread: Re: Shifting around the risk burden, Re:
Index(es):
- Date
- Thread