[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: matter of semantics


At 11:21 AM 11/17/97 -0700, Bob Jueneman wrote:
>But if you accept the general proposition that some sharing of the risk is
>appropriate, just to protect against disproportionate and unaffordable
>losses (a la a major medical plan for digital signatures) ,then it could be
>argued that in insurance model is much better than legislatively spreading
>the risk across the society.  If insurance is available (at a reasonable
>cost) against errors and omissions by the CA, as well as for apparent theft
>or compromise of a key, then the subscribers could decide for themselves how
>much risk to take, what their deductible limits ought to be, or whether they
>should self-insure.

Have you seen Mike Reiter's work at AT&T?  He argues well enough to convince 
me that insurance is the only viable model -- but in this case, it is the CA 
acting as insurance agent, insuring the user of the certificate against any 
fraud by the certified key.  That fraud can happen because the proper 
keyholder(K1) is dishonest or by having some dishonest person become the 
keyholder(K1) through theft, trojan horse, Radar O'Reilly attack, 
cryptanalysis, ....  AFAIK, there's no role for a commercial CA which does
not act as insurance company -- ie., which disclaims liability.

 - Carl

Version: PGP for Personal Privacy 5.0
Charset: noconv


|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street  PGP 08FF BA05 599B 49D2  23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |