[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Dr. Faust's Internet Dilemma


The following msg summarizes and extends some issues previously
discussed here, on various privacy versus security and also anonymous
identification threads, with references. Due to its length, only part
of its introduction is provided below. For a full copy please visit


Certification contains a paradox between privacy and security [2].
Basically, if personal or commercial data are denied on privacy
reasons then the other party cannot ascertain the correctness and the
effectiveness of transaction data.  Third-party certification systems
such as PKIX/X.509/CA makes the paradox stronger, by introducing a
third element in a binary dialogue.

Of course, we need security now. But, also of course, we need to
protect privacy, because privacy once lost -- is lost for life. This
is usually forgotten not only by CAs that demand your SSN or any
other private data that has nothing to do with a cryptographic
certificate, but also by proponents of "innovative" biometric
products. They all want to offer you a bargain trade: security now
versus your own self forever.

But, as we can read in Dr. Faust, "security now versus your soul
forever" is not a very good deal.



Ed Gerck
Dr.rer.nat. E. Gerck                    egerck@novaware.cps.softex.br
 ---- Meta-Certificate Group Member -- http://www.mcg.org.br ----