Re: [E-CARM] PKI, CAs, TTPs &c.

    Your scenario "the client creates a payment instruction against the account
at their financial institution ... and digitally signs the payment
instruction. the payment instruction flows thru the financial
infrastructure ... and eventually arrives at the client's financial
institution for execution/fulfillment. The client's financial
institution can verify the digital signature on the payment
instruction using the digital signature on file in the client's
account record (placed there during the CA registration
process)." sounds surprisingly(?) like the way we pay bills now, where a 
"payment instruction" is a check.  (My financial institution is supposed to 
verify the signature on all my checks, but I suspect they find it cheaper just 
to take a chance that there is a signature and it's mine.)  All you need to 
add is the endorsements (signatures) by the parties that accepted the check so 
that it can be traced back if it bounces.  Currently, I believe, each endorser 
guarantees the party from whom he accepted the check.

    The world is very likely to go with an electronic system that closely mimics
the present paper system with holographic signatures, because the institutions
and procedures are already established in law and custom.  There is even the
equivalent of certificates in the business world!  All the palaver about
validating signatures without any local context strikes me as a waste of time.

Charlie Gardiner