The original design point for much of PKI was distributed credentials for
non-face-to-face, offline, electronic ... i.e. parties that had no prior
business relationship and at the moment performing authentication function the
relying party wasn't online (analogous to letters of credit in the days of
sailing ships long before there was electronic connectivity).

Frequently online authentication provides higher quality, specifically targeted
and more timely information than could be available with a generalized
credential created sometime in the past.

Some trade-offs are the decreased cost of offline vis-a-vis online
authentication transaction and the reduced quality and/or timeliness of the
information (stale vis-a-vis current). Online costs are drastically dropping as
internet and related technologies become pervasive.

So traditional PKI opportunity would appear to be 1) authentication
circumstances involving volume costs that have to come in below the dropping
online costs (but can still cover the cost of a PKI infrastructure), 2)
authentication circumstances &/or transactions that aren't dependent on timely
information, and 3) wouldn't require a combination of offline & online (since an
online authentication operation can always subsume any of the offline pieces,
eliminating duplication of infrastructures).

Majority of existing e-commerce paradigms involve parties with 1) either direct
prior relationship or indirect prior relationship thru some financial
institution, 2) account-based timely &/or aggregated information, and 3) online
operation.

Into such an environment, PKI needs to find a thread between the existing
paradigms that doesn't require online access &/or account-based
timely/aggregated information between parties with no prior relationship.

Peter Cassidy <[EMAIL PROTECTED]> on 01/10/2000 03:08:00 PM
To: [EMAIL PROTECTED]
cc: [EMAIL PROTECTED], [EMAIL PROTECTED] (bcc: Lynn
Wheeler/CA/FDMS/FDC)
Subject: Killer PKI Applications

Friends,

I am engaged in an expansive and challenging authoring assignment
regarding PKI's rationale in the large e-commerce plexus. I'm casting
about for ideas on the killer PKI application. I'd like to hear any ideas
- however wild or domesticated - in this space. I can repay all kindnesses
with beer and whatever appreciations that providence provides I can bestow
in the future.

Regards and thanks,

Peter
617 491 2952