[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Final Year Thesis : SPKI

also note that for the most part ... the x.509 genre are about
public certificate infrastructures (i.e. PCIs) ... effectively the ability
represent the binding between public-key and some attribute
for use by otherwise anonomous relying parties with no prior business

there are a lot of infrastructures that can represent public key
binding and attributes ... i.e. PKIs w/o having to be PCIs ...
an example is account-based electronic commerce
financial transactions (pay with credit, debit, check, ach,
bank, etc) ... where there is a relationship with a financial
institution ... and the financial institution is responsible for
the funds tansfer/payment. for related info see

for transactions where near real-time status
is required ... (which is given rise to to things like OCSP)
.... questions are raised like are the certificates redundant?
 (especially if an "authority" is going to be contacted in any case).
This becomes double evident in financial transactions ... where
the financial institution may have to be contacted for execution
of the actual transaction.