On Mon, Dec 15, 2003 at 12:05:50PM -0800, Tony Hain wrote:
Hence my original comment that the politicians need to broker the trust
relationships. There will clearly be multiple technical relationships, with
very different characteristics, just as there are for inter-personal trust
relationships outside the technical space. The fundamental point is that the
IETF is not capable of (nor in any position to) further the deployment of
PKI's until the non-technical aspects get resolved. On a global scale that
role has traditionally belonged to the ITU, so that would be a good place to
go as the next step. There are undoubtedly other organizations that need to
be involved on smaller scales, but this is a case where a top-down
consistent framework will probably make the technical job easier down the
road. Any way you want to define it, this is an aspect of Internet
governance, and it clearly doesn't belong to either ICANN or the IETF.
The rest of us clearly have our disagreements about what the term PKI
is currently used for, and how important public key technology is.
But I run into very very few people who are waiting for, or even
wanting, this sort of world-wide, top-down vision of it, as part of
some government-controlled infrastructure like roads and traditional
telephone systems.
Like most innovative and good things, productive use of public key
technology grows best from the ground up, with private infrastructures
that in time will be based on common forms of shared data. That again
is where federations come in. And it requires applications and tools
and policies that work well with lots of keys from lots of sources,
and allow users to control which keys are shown to which relying
parties.
Neal McBurnett http://bcn.boulder.co.us/~neal/
Signed and/or sealed mail encouraged. GPG/PGP Keyid: 2C9EBA60
pgpjpLD6ESEPZ.pgp
Description: PGP signature