http://www.anu.edu.au/people/Roger.Clarke/II/PKIMisFit.html

Public Key Infrastructure: An Artifact Ill-Fitted to the Needs of the Information Society

Abstract

It has been conventional wisdom that, for e-commerce to fulfill its potential, each party to a transaction must be confident in the identity of the others. Digital signature technology, based on public key cryptography, has been claimed as the means whereby this can be achieved. Digital signatures do little, however, unless a substantial infrastructure is in place to provide a basis for believing that the signature means something of significance to the relying party.

Conventional, hierarchical PKI, built around the ISO standard X.509, has been, and will continue to be, a substantial failure. This paper examines that form of PKI architecture, and concludes that it is a very poor fit to the real needs of cyberspace participants. The reasons are its inherently hierarchical and authoritarian nature, the unreasonable presumptions it makes about the security of private keys, a range of other technical defects, confusions about what it is that a certificate actually authenticates, and its inherent privacy-invasiveness. Alternatives are identified.

--
-----------------
R. A. Hettinga <mailto: rah@ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'