[8117] in cryptography@c2.net mail archive
Re: Public Key Infrastructure: An Artifact...
daemon@ATHENA.MIT.EDU (Arnold G. Reinhold)
Wed Nov 22 11:13:12 2000
Mime-Version: 1.0
Message-Id: <v04210104b6419bc28c3c@[24.218.56.92]>
In-Reply-To: <Pine.LNX.4.21.0011201358590.12008-100000@ultra.gawth.com>
Date: Wed, 22 Nov 2000 11:00:34 -0500
To: Bram Cohen <bram@gawth.com>
From: "Arnold G. Reinhold" <reinhold@WORLD.STD.COM>
Cc: Ben Laurie <ben@algroup.co.uk>, Lynn.Wheeler@firstdata.com,
obfuscation@beta.freedom.net, cryptography@c2.net,
cypherpunks@cyberpass.net, dcsb@ai.mit.edu
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
At 1:59 PM -0800 11/20/2000, Bram Cohen wrote:
>On Mon, 20 Nov 2000, Arnold G. Reinhold wrote:
>
>> Perry's last sentence gets to the heart of the matter. If CAs
>> included a financial guarantee of whatever it is they are asserting
>> when they issue a certificate, then all these problems would go away.
>
>They aren't going to.
>
>-Bram Cohen
>
It's still early in the game to be so certain. But if you are right,
that in it self is an indictment of PKI. If there really is a market
for trust establishment and a form of PKI is the low cost producer of
trust, then someone should be able to make money by using their
expertise to assemble a technology suite and sell trust insurance
based on the spread between the risk perceived by the market and what
they know to be a lower risk. If such services never develop, it
either means there is no market or PKI doesn't have enough economic
impact to cover the costs of starting such a business.
Arnold Reinhold
