Both VISA and MasterCard have rejected the concept of using X.509
certificates for payment purposes and traded off identity for degree of
security. VISA in particular recognizes the liability factor for its
member banks, with whom we have also been working.
This seems to say that they confused the use of an X.509 certificate with the
notion of an identity-based "credential."
The Visa people explained the semantic shift from a more straightforward
business perspective: we don't want non-repudiation. We do want other
payment-oriented protection services though, which entail that the "credential
might serve as proxy for our current plastic cards, and the long-established
attached legal semantics."
Therefore, said Mr Visa, Mr Gates, design us a system of messaging, payment and
key distribution which does this. (This is what I'm reading between the lines.)
This analysis, one might say, cuts to the heart of it. It's not confusing to me;
"the key distribution infrastructure shall NOT, UNDER ANY CIRCUMSTANCES, provide for
a repudiable 'digital signature'" said, in paraphrase, a VISA economist to Verisign at
a recent briefing. (And these are the guys who perform the risk arbitrage.)
SEPP says: digital signatures are a mechanism with which to provide for
non-repudiation security services required by modern trade. STT seems to
say; RSADecrypt() is merely a way of releasing payment instructions
having undertaken assured key distribution for the confidentiality channel.
How does this relate to the PEM and MOSS design upon which we are here to comment?
MOSS reacted to 1422 by making 1422 an option which does something with all
that non-repudiation stuff. I think STT says, the security objectives of
1421/1422, are not wanted in a payment system, period. I believe now that
SEPP says something more like PEM, with a mandatory MC versus MIT
CA hierarchy, and designs for a world of non-repudiation with a massive
great MISSI-style CMS to match.
It's a fascinating, though esoteric, difference. We'd best stop before someone
insults us. But I do refine a previous conclusion. It seems that STT does in
fact plan for a gateway world; at the plastic/credential interface. Subtle,
but rather neat. I'm beginning to like it, now I understand it.
Peter.