Trustworthy contacts

Owen Lewis ukcrypto at maillist.ox.ac.uk
Mon, 11 Sep 2000 14:19:59 +0100 

----- Original Message -----
From: "David Hansen" <davidh@spidacom.co.uk>
To: <ukcrypto@maillist.ox.ac.uk>
Sent: 09 September 2000 19:08
Subject: Re: Trustworthy contacts


> On 9 Sep 00, at 11:12, George Foot wrote:
>
> > But dual key methods are a technical innovation introduced by
> > technical people
>
> Most technical innovations are:-)
>
> > which has lamentably been seized upon by
> > energetic but shortsighted interests as a basis for a e-commerce
> > framework which has been enshrined in law before it has been tested in
> > practice.
>
> The alternative to a public key system for e-commerce would be a
> secret key system. I doubt very much if key management could be done
> with such a system.

True. However, it's some distance from saying that a persolally managed
cryptosystem, e.g. PGP offers a good solution.
>
> Even if it was possible to make a secret key system work for e-
> commerce I am not the only person who would abhor such a system. The
> idea that people should trust a "trusted" party to manage keys for
> them goes back to the days when people knew their place and were
> happy to be patronised by their betters.

I think that statement encapsulates much of the problem we seem to face. As
an observation rather than as any criticism, the statement is one of
socio-political credo. This does not necessarily invalidate it but makes it
perhaps not the best yardstick for developing or even selecting from
alternative secure systems.

As I have suggested in another recent thread, hierarchical secure stems have
a great deal going for them and have a well established track record in many
situations. The argument centres around two points:

        1. The extent to which PK systems can usefully and securely replace
other cryptosystems which have a very heavy management overhead to assure
their secure operation. No one, I imagine, denies that that replacement has
in part already occurred and that it is set to continue for some time.

        2. The extent to which PK systems should be harnessed to
hierarchical control mechanisms, especially for key management.

For use solely within an organisation and for the sole purposes of that
organisation, the benefits of such management seem attractive indeed. The
greater the rights of the individual in the information to be secured, the
less attractive hierarchical control mechanisms will seem. But in government
and in commerce, there are often little of no individual rights in secured
information. Either the rights are vested in the organisation or, even where
that is not so, it is the organisation rather than the individual that may
suffer most where there is a system falure or security breach.

Even where there are real individual rights in the infomation, e.g. personal
data, any case for dispensing with hierarchical controls has yet to be made.

Owen