On Mon, 20 Nov 2000, R. A. Hettinga wrote:
At 12:10 PM -0500 on 11/20/00, Arnold G. Reinhold wrote:
If CAs included a financial guarantee of whatever it is they are asserting when they issue a certificate, then all these problems would go away.
Right.
Bonding would not fix this problem. It only moves the question of identity and responsibility to the bonding agency. You've still solved nothing.
Like Ellison (and Metzger :-)) have said for years now, the only "assertions" worth making are financial ones. "Identity", biometric/meat, or otherwise, is only a proxy for asset protection anyway.
Bullshit. Identity is a asset as much as a digital balance in my banks computer. This is a false distinction.
I claim you can do this on the net without the current mystification of identity that exists in the financial system, using bearer asset cryptography, among other things, but that's another discussion altogether.
But how do you certify the bearer's identity without a CA or reverting to something along the lines of the PGP web-of-trust? Who writes and certifies the bearer algorithms? ____________________________________________________________________ He is able who thinks he is able. Buddha The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------