ietf-asrg

Re: [Asrg] Email Certification Path Proposal

2003-03-11 01:57:07
On Tue, 11 Mar 2003 08:16:04 GMT, Jacqui Caren <jacqui(_dot_)caren(_at_)ig(_dot_)co(_dot_)uk> said:

> If we could find some sucker^Wkind-person who would host the initial
> central CA for free and we could then find say a few dozen companies
> who would offer free public CA's we could have an infrastructure in place
> with little or no cost to the public.

And said certificates would be worth what they cost. Little to nothing.

Running a CA is easy.  Certifying that the users are who they say they
are is *HARD*.

Let's say the actual server, software, install, bandwidth, etc, costs $20K.
Let's say we've also decided to charge $5 per certificate.

Now you need an office where 4,000 people can come in and show ID to prove
they are themselves so you can create a certificate for them.

Now you have to pay for office rent and a clerical worker to do that work,
so your break-even point just went to 10K people.  Hopefully you're in a
city, so you don't have to open multiple offices all over the place...

Work out the business model for 500K certificates.  Remember to include
in the price tag the private investigator doing background checks on the
people who run the CA's to make sure they don't have any ties to spammers
or organized crime....

If you don't think the background check isn't needed, you need to think
about it some more....

Here's what happens when it isn't done right:

http://www.cert.org/advisories/CA-2001-04.html

