Paul is totally correct in that the currently understood methods of
doing PKI are totally sufficient for dealing with a bit string that
represents a trust relationship. All three of us seem to be in
agreement that nobody truly understands how to actually create said
bit string for a general case - and that's not the PKI's fault,
because it's ready. The problem is that the liveware insists on using
very fuzzy definitions of "trust" in the real world,
I suspect this is for a good reason - namely, that liveware insists on
behaving according to very fuzzy definitions of "trustworthiness" in
the real world, and these definitions are heavily reinforced by social
and legal expectations that are themselves fuzzy (and they vary from
one time and place to another). Sometimes (not always) we have good
reasons for this fuzziness.
The other problem is that people rarely understand why they choose to
trust whom they do, to what degree, and for what purposes, at a
conscious rational level - which makes it very hard for people to
specify a formal policy for whom to trust in software, or to know
whether software that implements a trust policy actually reflects their
own choices.
But this is very much what I meant by PKIs not reflecting real world
trust relationships. I'm really not placing blame on those who have
developed PKI - I'm instead saying that reflecting real world trust
relationships is a very difficult problem.