Edward Vielmetti writes:
While it is true that the PEM model posits a collection of PCA's which
each may be a locus of trusted relationships, and that these
individual PCAs may or may not be treated by a suitably skeptical user
as being really trustable, there is still a key part of the
infrastructure development that is flawed with respect to a PGP based
cooperative scheme. That is to say that there is *one* IPRA, *one*
center of the universe (even if it's just an administrative center),
and that working within that system implies a level of cooperation
with those authorities that may not be suitable.
CREEP, the CIA, the Mafia, the Students for a Democratic Society (to
take a local example) would have been able to create a PCA and
register them with the IPRA, but recall of course that registration is
one that might not be in your best interest if you are someone who is
sensitive to traffic analysis. PGP admits the notion of keeping
autonomous cells which may be totally unknown by central authorities.
This may be for commercial competetiveness reasons (to hide a joint
venture from competitors), privacy reasons, or other political or
social motivations.
Since the IPRA has not yet been established, we have that situation
now. I won't try to defend having an IPRA, as it adds very little in the
way of trust. It merely provides a means of exchanging CRLs across
PCA domains.
If you wish to set up a autonomous PCA that doesn't send its CRLs to
the IPRA, you are free to do so, and your PEM implementations will still
function correctly. The IETF may object if you claim that your PCA is
PEM-compliant, but lightening won't strike you down.
If PEM implementations support the notion of the user being able to control
which PCAs, CAs, and users are to be automatically accepted,
automatically rejected, or displayed to the user during the encryption
and validation phases, doesn't that satisfy your requirements?
If so, you can either let your local PEM vendor know of your requirements
and hope that he responds, or you can build such a system yourself. Or
you can use PGP, but that would give rise to the type of Betamax vs. VHS
incompatibility that I think most people would like to avoid.
I hope, at least, that PGP will be thought of as a temporary expedient
for use while the full PEM infrastructure is being established. If there are
serious, long-standing business reasons why a substantial user community
would prefer to use either the PGP architecture and/or PGP
implementations rather than PEM, then I think the IETF will eventually
be forced to address those issues and try to achieve some sort of closure.
But so far, I haven't heard any really substantial advantages expressed.
Bob