Re: [pki-tc] Measuring the success of PKI [was: PKI-TC charter issue]

["Anders Rundgren" <anders.rundgren@telia.com>]

Stephen,
I believe it is _much_ too early to tell where PKI _really_ is going.

For example, it is in fact technically possible to use a passport-like PKI for
numerous entirely different purposes including on-line banking, e-gov services,
login to the enterprise etc.  That is, this single credential can be used
to point to resources or capabilities of the holder.  3D Secure is
an example of how smooth this can be.  You can have a credit card
as a "virtual capability" at the issuer bank and only use the login PKI
for using it.  Merchants only "see" your virtual credit card NB.

Why would this scheme have any chance on the market?  Well, it
does allow you to revoke and renew [potentially] your entire "e-power"
in ONE operation.

If such a PKI is run by banks you could actually do this globally and
the associated banks could maybe charge some $10-$25 for it annually.
No other CA structure is likely to match such an ID network.

We may actually need this when we start to DEPEND on PKI.
Having 10 different more or less local PKI cards in your wallet
will be a nightmare to revoke and renew if you happen to get
mugged or similar on the wrong side of the globe.

The HUGE difference with the current situation is that credit-cards is
only about money while the embedded PKIs you mention, vouch
for things you cannot get from any but the actual source.

If this will be established or not depends on many factors, the
most important is probably the business model.  The so far
dominating business model within the financial sector known
as the Identrus four corner model have so far not delivered
much as it is essentially "call collect" and that is hampering
acceptance.

Stay tuned.  For another decade or so :-)

Anders


----- Original Message -----
From: "Stephen Wilson" <swilson@lockstep.com.au>
To: <pki-tc@lists.oasis-open.org>
Sent: Tuesday, May 31, 2005 21:45
Subject: Re: [pki-tc] Measuring the success of PKI [was: PKI-TC charter issue]



Anders

I think you and I might be closer in our views than it appears.  I think
the future of PKI is embedded digital certificates.  When I said that
ubiquitous use of digital signatures by the general public need not be the
best way to measure PKI's success, I meant to say "overt" digital
signatures.

But I too see embedded PKI, delivered via EMV and other types of
smartcards and portable devices, as taking over.

I wrote a paper for the American Bar Association about this a little while
ago.  See www.abanet.org/scitech/nosearch/eblast/eblastarticle1.html and
an extract below.

Cheers,

Stephen.

--------------------------------------

PKI without tears
January 2003

Abstract

Traditional Public Key Infrastructure (PKI) is unnecessarily complicated.
Largely as a result of early misconceptions that we needed an all-purpose
digital passport to do business on the Internet, traditional PKI has
become overloaded with invasive personal identity checks and complex legal
arrangements. To make things worse, early software implementations brought
out explicit details of digital certificates, necessitating unusually
intense user training. To try to support stranger-to-stranger
transactions, user agreements for general purpose certificates have
required people to read and understand huge and forbidding Certification
Practice Statements. And yet the business benefits of going to all this
trouble remain controversial.

Most of the burden of orthodox PKI derives from trying to create the all-
purpose digital identity. In day-to-day personal commerce, this is
famously analogous to a drivers licence, but in the professions and in
business, a single identity is uncalled for and unprecedented. PKI tends
to deliver its greatest benefits – automatic paperless processing, reduced
legal risk, lower cost of dispute resolution – in high value, high volume,
specialist applications, where digital personae are application-specific.

There are new PKI models where the cryptography is embedded deeply into
smartcards, to much the same extent that complex ferromagnetic technology
is built into all the other plastic cards we take for granted. Application
software can be engineered so that all digital certificate functions are
automated; smartcards can be issued to professionals and business people
under existing terms and conditions which reflect the users’ standing. The
user experience then becomes the same as with any conventional access
card. We can do away entirely with the need to read and understand complex
Certification Practice Statements and Policies, sign up to unusual
Subscriber and Relying Party agreements, or undergo esoteric technical
training. Thus the underlying PKI becomes true infrastructure, used purely
to automate paperless transactions between parties who are already
accustomed to dealing with one another.

This paper presents a fresh look at the business drivers and true benefits
of digital signatures, and shows how application-specific PKI can deliver
the benefits with better usability, zero registration overhead, reduced
training costs, simpler liability arrangements, and streamlined
accreditation. The paper is aimed at regulators, policy analysts and e-
business strategists with an interest in the future of PKI.

--------------------------------------



> c-i-l
>
> Stephen wrote:
>
> >Sorry Anders, I am not totally sure what you mean by "web sign".  Do
you
> >mean applying digital signatures in thin client web apps?
>
> The following is a fairly good description of web sign.  Page #6 is the
actual definition.
> http://web.telia.com/~u18116613/onlinesigstdprop.ppt
>
> >Personally I think that XMLsignatures is the key here, allowing more
widespread
> >implementation of digital signatures in simple web forms.
>
> Absolutely.
>
> >We don't see a  lot of this yet for two reasons: (1) penetration of XML,
> >and (2) more  importantly, we're in a PKI lull at the moment where
developers and
> >architects don't see the point of doing dig sigs at all (which then
> >reinforces the slow uptake of XMLsignatures).
>
> I cannot verify this.  XML is huge.  XML signatures is in good use.  But
it is
> mostly happening on the server side as the client platform is still
inferior
>
> <snip>
>
> >But why should we measure the success of PKI by the percentage of the
> >general public using it?
>
> It is at least one way to measure.  By doing that I would say that Sweden
> is about FOUR MAGNITUDES more successful than the US :-)
>
> >By its very nature it's not a ubiquitous  technology.
>
> I don't agree a single bit on that.  PKI will long-term become
> more used than passwords for on-line services.
>
> >A very big obstacle we all need to get over is the long
> >lasting misconception that PKI would (or should be) be ubiquitous.
>
> Since 50% of the entire Swedish population can get a PKI cert
> today, I have some problems with this statement of yours.  Maybe
> you refer to the universal use of a specific PKI? That's another issue
> in my opinion.  Which I agree on BTW.
>
> >We (as PKI advocates in the TC) I think should be very happy if we were
to see
> >PKI penetrate say 5% of the population, as long as it was the right 5%,
>
> We are as I told you far ahead of this goal already.  With EMV cards
> for payments using PKI we get some 35% penetration of a special
> purpose PKI.
>
> >and led to major improvements in the way certain types of e-business --
> >not all e-business -- is carried out.
>
> IMHO all e-business can without doubt benefit from using PKI
> *technology* but that involves everything from EMV payments in
> a shop to server-signed B2B POs.
>
> What kind of e-business would not gain by using PKI technology?
>
> <snip>
>
> >But there are countless applications where signatures are most
definitely
> >required.  In Australia, large consulting projects in a wide range of
> >fields including medical prescriptions, pension funds management, and
the
> >real estate industry, have analysed in detail the hundreds of instances
> >where the law here requires a person to sign something.  Very few of
these
> >instances can be nicely automated online without PKI.
>
> I believe you are limiting the use of signatures by connecting it to law.
> Digital signatures is a way to show intent.  That is, you can indeed
> sign up for a dentist appointment using signatures.  This is already
> implemented in Sweden.
>
> <snip>
>
> >These are reasons for why internet banking with PKI is difficult, but
my
> >point is that internet banking with PKI is not necessary.  The reason
is
> >that internet retail banking works using the same rules as phone
banking.
>
> Now you are into this legal business again.  PKI should be
> compared to long passwords and OTPs.  PKI is MUCH more convenient
> as well as withstands any amounts of server-break-in attempts.
> Passwords and OTPs typically lock the account after a few consecutive
errors.
> That could cost tons of money.
>
> Signatures actually combine an intent (transaction request) with a
> procedure and security and is IMO useful for paying simple
> bills.  If the signature software is appropriate that is.  I do
> this all the time actually...
>
> >It is often said that PKI is better for business banking and indeed I
have
> >seen reasonably good applications in treasury functions etc.  This is
> >because these more complicated transactions tend to need signatures
(and
> >because the economics can cope with relatively more expensive software
> >development and support issues like smartcard reader deployment).
>
> I do not agree.  It is volume apps that benefit from PKI.  Things that
> you only do occasionally you might as well do the conventional way.
> But I of course again see this from a consumer perspective which is
> due to the fact that in EU, PKI is mostly a consumer movement.
>
> >The other important point in email is that really good PKI apps do not
> >involve transactions between total strangers, but instead involve
parties
> >which have a prior business relationship, which is readily instantiated
in
> >the form of a certificate issued by one of the parties to the other.
For
> >example, a certificate standing for someone's qualification as a patent
> >lawyer, or a licenced customs broker, or a registered medical
> >practitioner.  The idea that you can determine a total stranger's
> >trustworthiness from reading their digital certificate is not
practical,
> >indeed is almost fanciful.
>
> Violently agree!
>
> >Anders, I don't think implementing PKI always requires reworking all
> >business processes and logic. In fact, the better PKI apps succeed by
> >being overlaid on business processes without changing them.  For
instance,
> >if a paper medical prescription process works by writ of a doctor's
> >licence to practice, then it's very smooth and efficient to issue a
> >digital cert to the doctor that simply represents her medical
registration
> >(say with the medical authority acting as RA) and to apply digital
> >signatures in e-prescribing software.  Usually this software is fat
> >client, updated every quarter or so with a new version, and easily
> >mopdified to call up some dig sig functions.
>
> One problem is when this e-prescription is about to be transferred to
> the pharmacy because message encryption which is a necessity in
> this sector is incompatible with everything else.
> http://w1.181.telia.com/~u18116613/A.R.AppliedPKI-Lesson-1.pdf
>
> The following is a real example of e-health worth studying:
> http://middleware.internet2.edu/pki05/proceedings/kailar-phinms.ppt
>
> If individual signatures were to be added, they should (IMO)
> be stored locally together with other audit info.
>
> In fact, here I believe this TC is on the wrong track.  But "fortunately"
> this TC is in very good company, there are numerous other "PKI-TCs"
> and they all refuse to acknowledge the notion that an information
> system can be "authorative".   We, the system architects have worked
> with this "paradigm" since day #1 and see no reason to change.
> On the contrary, this is a wonderful way to create a scalable PKI.
> There is a reason why VeriSign have 1 billion relying parties for their
> SSL CA as well as a million paying subscribers!
>
> Here you already have a truly ubiquitous PKI BTW.
>
> Cheers
> Anders Rundgren

--
<Put email footer here>

---------------------------------------------------------------------
To unsubscribe from this mail list, you must leave the OASIS TC that
generates this mail.  You may a link to this group and all your TCs in OASIS
at:
https://www.oasis-open.org/apps/org/workgroup/portal/my_workgroups.php