Marc Mutz <mutz(_at_)kde(_dot_)org> wrote on 08/09/2002 09:51:21:
I know Americans and Britains will shoot me for this suggestion, but I
am of th opinion that digital signature infrastructures are the job of
the government, just as passports and drivers licenses.
That would blow up the "single organization" to span entire countries
and "pair-wise extension" to the rest of the world would become
manageable.
I think most Britons (and I am one) would have no problem with a
government operated infrastructure (read registry). I doubt that
American's would either subject to certain caveats. Hell, a registry
already exists in both places for companies and driver's licences. The
problem especially in the US is that it operates at state rather than
national level, and getting the states to agree about anything is
extremely difficult.
For my part, I have always thought that one might be able to employ the
banking system as a PKI hierarchy. The Bank for International Settlement
would hold the root. Reserve banks the next level, and commercial banks
the level below that. Interestingly, such a structure is already in place
for SWIFT and other international money transfers between commercial
banks. Money laundering regulations have already established quite a high
bar in many countries to opening a bank account, so I think that another
level could be established. What's not clear is what would be in it for
the banks. Clearly in such a systems, trust would depend upon one's view
of a country's and/or bank's reliability. Certificates from Swiss based
banks would carry higher trust than those from Nigerian banks, to pick on
both countries for no particular reason.
Nick