PKI: An Ill-Fitting Artifact

[Marjorie Simmons <lawyer () carpereslegalis com>]

Public Key Infrastructure: An Artifact Ill-Fitted
to the Needs of the Information Society
   By Roger Clarke
Visiting Fellow, Department of Computer Science,
 Australian National University
Prepared for submission to the 'IS in the Information Society' Track of the
Euro. Conf. in Inf. Syst. (ECIS 2001), Bled, Slovenia, 27-29 June 2001
Version of 9 November 2000

http://www.anu.edu.au/people/Roger.Clarke/II/PKIMisFit.html

Abstract
It has been conventional wisdom that, for e-commerce to fulfil its
potential, each party to a transaction must be confident in the identity of
the others. Digital signature technology, based on public key cryptography,
has been claimed as the means whereby this can be achieved. Digital
signatures do little, however, unless a substantial infrastructure is in
place to provide a basis for believing that the signature means something of
significance to the relying party.

Conventional, hierarchical PKI, built around the ISO standard X.509, has
been, and will continue to be, a substantial failure. This paper examines
that form of PKI architecture, and concludes that it is a very poor fit to
the real needs of cyberspace participants. The reasons are its inherently
hierarchical and authoritarian nature, the unreasonable presumptions it
makes about the security of private keys, a range of other technical
defects, confusions about what it is that a certificate actually
authenticates, and its inherent privacy-invasiveness. Alternatives are
identified.

Contents
1. Introduction
2. The Perceived Need
3. Conventional Technology
3.1 Digital Signatures
3.2 Public Key Infrastructure
3.3 The X.509v3 Standard
3.4 The Hierarchical Model of Trust and Liability
4. Private Key [In]Security
5. Other Technical Weaknesses in X.509
6. What Assurance Does an X.509v3 Certificate Actually Provide?
7. Privacy Concerns
8. Alternative Models of Trust
8.1 PGP's 'Web of Trust'
8.2 SPKI/SDSI
8.3 Stefan Brand's Alternative Certificates
8.4 Reputation and Brand
8.5 Nyms
8.6 Trust Management
9. Conclusions
References

~~~~~
Marjorie Simmons, Esq.
lawyer () carpereslegalis com
http://www.carpereslegalis.com

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".