[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Other ideas for certificates

Tammy Carter writes:
> 1.  Motivation for Suspension of Certificates Yes, I know that
> suspension is not something that is condoned, but the following
> scenario seems to beg for the capability....

The scenario you give seems to be flawed; I'll state why

> My child has a permission certificate from me allowing her to spend
> up to $100 on my credit card

Now, the problem here is that I'm not convinced that such a signed
document would be necessary. Since this has to be enforced by the bank
issuing the credit line (I'm not sure "credit card" makes sense any
more :-), I'd say that the right thing to do is to give instructions
to the bank, not to have a certificate that a merchant would look
at. The merchant could, after all, not do the right thing, and in any
case the bank has to tell the merchant if a transaction is authorized
based on running totals -- online clearing is essential. I thus am not
sure such a certificate would ever exist.

Ultimately, one must always ask "who is being asked to believe a
signature on this document"?

In the case of commercial paper (checks and the like) or drafts
against credit cards, the answer is always "the bank", in which case
if the bank has the public key on file it is not clear that it needs a
certificate authority at all. (It might be argued that a merchant
wants to know that you aren't ripping them off, but the only real way
to know that is to find out if the transaction clears, since merely
knowing you possess an account never says anything about whether you
have a single penny in it.)