-----BEGIN PGP SIGNED MESSAGE----- At 04:47 PM 11/22/00 -0800, Bram Cohen wrote:
On Wed, 22 Nov 2000 Lynn.Wheeler@firstdata.com wrote:
the other scenerio that some certification agencies have expressed (i.e. licensing bureaus, bbb, consumer report, etc operations) is that in the online world ... that they would provide an online service .... rather than certificates designed for an offline world.
Yes, it seems fairly well established that revocations just plain don't work.
Once again, the solution to the problems of offline operation appears to be online operation.
And the annoying thing about this is that once we go to needing an online trusted third party to allow us to have secure communications, we may as well chuck the public key stuff and just use symmetric ciphers and the key exchange protocols worked out ten or fifteen years ago. Which makes me suspect that we're just not using public key mechanisms very intelligently yet. We've realized that screws are better for many jobs than nails, it's just that they're so damned hard to hammer in....
-Bram Cohen
--John Kelsey PGP: 5D91 6F57 2646 83F9 6D7F 9C87 886D 88AF ``Slavery's most important legacy may be a painful insight into human nature and into the terrible consequences of unbridled power.'' --Thomas Sowell, _Race and Culture_ -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.1 Int. for non-commercial use <http://www.pgpinternational.com> Comment: foo iQCVAwUBOh7WlyZv+/Ry/LrBAQE+eAP9E8RxIl9TAVbWT8CJKGl0V3IN9wMCWs82 wzh3XaSs/YYdGcG/+rEPN+S6y9t8HsSz9vr3dgPwOMDsVvkmBkOQJT+YK86thUiS a4eL2Ea9T2lAj5+gb6jeUhBpqn130C0WxUab5ARZffSOMkZCa7I9V6CfKIwL9Noq fMzDtrkqNXw= =yGFp -----END PGP SIGNATURE-----