[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Designer Certs

>I do not agree at all with this affirmation for the simple reason that in
>the business world all the agreements are essentially directly negotiated
>among the partecipants (in other words the negotiaton is the basis on
>which they establish a trust level) this happens in the same way in case of
>small or large business.

In the examples you give trust is quite definitely provided by a third
party. In the case of cash the coins or notes have value only because
they are created by a third party which promises not to create too
much of it.

In the case of a credit card transaction there are few aspects of the
transaction which are not affected by the merchant agreement of
the card association involved.

>And, no one can
>replace the final decision of the merchant and me about the quantity of
>risk that we decide to assume in our business.


Note however that the parties concerned are 1) relying on data from
third parties and 2) making their own decisions about what degree of
trust to place on that data.

>I want to point out to the fact that we have negotiated (even for the
>simple action to buy a book) a relatively large number of "cross
>certifications" where the relation among the "certification
>authorities" are (even if they can exist) meaningless for our goals.

No, this is not a cross-certification in the sense being discussed.

In the first place it is a bilateral agreement which has been established
through the involvement of a third party. In the case of a card agreement
the card association is not only moving the money from point A to
point B it is also bearing certain aspects of liability. For this very
reason the card associations in general look to prevent the trust they
created being exploited outside the framework of their transactions.
Taking a credit card imprint to process in case a cheque bounces
is a definite no-no in most merchant agreements.

The closest example to cross certification in the strict bilateral
sense is the use of a check to purchase retail goods without some
form of check guarantee card as used in Europe. In most cases
a drivers license is asked for (i.e. a third party certificate), this
is then in most cases used to obtain an authorization from a
verification beureaux

>I think that our best efford can go in a direction that can unify the
>protocols of the negotiations but I think that we cannot impose the
>methods .... in other words we cannot impose a trusted chain .... we must
>stop where others (the partecipants of the business) must decide...

Nobody is arguing that there will be a single monolithic CA (well almost
nobody, some in X.500 still dream). The question is whether there
will be tens, hundreds or millions involved in inter-domain certification

If there are millions of CAs performing interdomain trust negotiations
then a protocol is required. But note that the developers of such a
protocol still need to establish that it satisfies the social as well as the
technical constraints of the problem.

If there are hundreds of CAs then the question of standardizing protocol
is not critical. It is simply information to be exchanged. Rich Saltz and
myself can expect to meet at a large number of meetings concerning
the issue of inter-domain certification over the next year or so. Indeed
the SET root managed by CertCo can be expected to be issuing inter
domain trust credentials for the Visa root managed by VeriSign. The
process by which this is achieved being a 'key-ceremony' involving
lawyers, notary publics and a notorial video tape camera in an event
more familliar to the masonic lodge than the data center.

What I am arguing is that a decision by two parties to establish a joint
system of trust _to_be_used_by_third_parties_ is vastly more complex
than simply deploying some fancy technology.