incubator-heraldry-dev mailing list archives

From Ka-Ping Yee
Subject Re: [OpenID] Announcing OpenID Authentication 2.0 - Implementor's Draft 11
Date Mon, 22 Jan 2007 20:04:38 GMT
On Mon, 22 Jan 2007, Hallam-Baker, Phillip wrote:
> On the contrary, PKI is the basis of the security infrastructure
> that so far has provided the greatest defense against Internet crime - SSL.
> Judged by any rational set of standards SSL has been the most
> successful security protocol of all time. The costs of the PKI
> infrastructure are negligible compared to the value of the commerce
> it supports.

In practice SSL is primarily used to establish an encrypted channel
between endpoints, not to establish reliable reciprocal identification.
Given that almost no users pay any attention to certificates, what
reason do we have to believe that SSL succeeds because of PKI, rather
than in spite of it?

By what rational set of standards do you evaluate PKI -- how frequently
it is used, or how much fraud it actually prevents?

-- ?!ng
