Measuring the success of PKI [was: PKI-TC charter issue]

[Stephen Wilson <swilson@lockstep.com.au>]

Anders wrote: 

> Hi Stephen,
> 
> I only addressed digital signatures in the most prevalent environment
> of all, not other possible PKI problems and misconceptions we may face.
> 
> Since you have ties to the Asina PKI community, can you give us any
> information on how this part of the world address "Web Sign"?

Sorry Anders, I am not totally sure what you mean by "web sign".  Do you 
mean applying digital signatures in thin client web apps?  Personally I 
think that XMLsignatures is the key here, allowing more widespread 
implementation of digital signatures in simple web forms.  We don't see a 
lot of this yet for two reasons: (1) penetration of XML, and (2) more 
importantly, we're in a PKI lull at the moment where developers and 
architects don't see the point of doing dig sigs at all (which then 
reinforces the slow uptake of XMLsignatures). 


> Regarding the other things you write about I (for those who have the
> time to read) comment this in line below
> 
> thanx,
> Anders Rundgren
> 
> >I don't see things as bleakly as you do apparently.
> 
> I'm a realist. In spite of the problems 7% of the Swedish population
> use digital signatures and PKI on a regular basis.  That's probably a
> world record  (per capita).  But frankly those solutions stink as they
> are non-mobile, uses NDA protected  signature plugins, and are
> due to their "soft" nature hadly more secure than static passwords.

But why should we measure the success of PKI by the percentage of the 
general public using it?  By its very nature it's not a ubiquitous 
technology.  A very big obstacle we all need to get over is the long 
lasting misconception that PKI would (or should be) be ubiquitous.  We (as 
PKI advocates in the TC) I think should be very happy if we were to see 
PKI penetrate say 5% of the population, as long as it was the right 5%, 
and led to major improvements in the way certain types of e-business -- 
not all e-business -- is carried out.  

> <snip> 
> 
> >The main impediments to PKI to date I think are as follows: 
> 
> >(1) people misunderstood that PKI is really only well suited (or 
uniquely 
> >suited shall we say) to signature applications (i.e. paper-like 
> >transactions) with multiple relying parties, with rather long 
liefetimes. 
> 
> I would put it differently.  PKI is the only technology that is suited
> for digital signatures but signatures are (in the client context NB)
> in fact entirely optional.

"Entirely optional"?  That seems to me to be a rather sweeping statement.  
Certainly we have found that signatures are not necessary in internet 
banking, for the same reason they are not necessary in phone banking: a 
closed, hub-and-spoke system, where the only RP is at the hub, boils down 
to (a) access control plus (b) strong audit.  

But there are countless applications where signatures are most definitely 
required.  In Australia, large consulting projects in a wide range of 
fields including medical prescriptions, pension funds management, and the 
real estate industry, have analysed in detail the hundreds of instances 
where the law here requires a person to sign something.  Very few of these 
instances can be nicely automated online without PKI.   

My experiences is that when deciding whether to apply PKI or not, the 
first question should be "If we were doing this thing on paper, would 
anyone need to sign anything?" and if the answer is no, then we can 
probably qualify out PKI right away. 

As we speak, Down Under there are various initiatives underway here to 
deploy special purpose digital certificates to healthcare workers, 
lawyers, chartered engineers, and various business licence holders.


> >(2) people aimed for a one size fits all, general purpose identifier, 
when 
> >in fact, in paper-like e-business, we use multiple 
identities/credentials.  
> 
> This sounds like an EU idea and has indeed failed.  Except when RPs are
> government agencies in a country where there is a working citizen ID.
> Like in Sweden.
> 
> >Therefore, some of the dead-ends of PKI have includes Big Bang 
> >electronic passport types of business models, 
> 
> Don't know exactly what you are referring to here

What I meant was that many people thought in the early days, that it would 
be useful (indeed compelling) to have a multi-purpose digital signature.  
And as you say, one practical problem is the need to roll out PKI 
technology to all apps at once, and for all users to have certificates. 
This "big bang" proved unrealistic (and to make it worse, we didn't have a 
clear idea which apps were really well suited to PKI, leading to the 
terrible combination of high project management risk and dramatic over 
engineering). 

Incidentally, a few years ago, Jane Winn used the failure of the Big Bang 
PKI model to damn the entire notion of PKI.  In her infamous Emporer Has 
No Clothes paper whe poo-poohed the fact that people weren't digitally 
signing e-marriage licences and the like.  My response was she was 
criticising a very poor application of the technology, so her points were 
entirely academic. 


> >internet banking, 
> 
> I would be very interested to know why internet banking is not suited 
> for PKI. All banks in EU want to use PKI.  The reason they 
> usuallly don't is the same
> reason as why private enterprises don't: Where is the reader?  There are
> other reasons as well like the fact that on-line provision is the norm
> but still very badly handled by browser vendors (no standards).

These are reasons for why internet banking with PKI is difficult, but my 
point is that internet banking with PKI is not necessary.  The reason is 
that internet retail banking works using the same rules as phone banking.  

It is often said that PKI is better for business banking and indeed I have 
seen reasonably good aplications in treasury functions etc.  This is 
because these more complicated transactions tend to need signatures (and 
because the economics can cope with relatively more expensive software 
development and support issues like smartcard reader deployment). 


> 
> >and person-to-person e-mail.
> 
> See e-business exchanges.

There is a specific point I make about person-to-person email being a poor 
choice of killer app.  When PKI vendors demo email they tend to illustrate 
Alice getting digitally signed email from stranger Bob, and then clicking 
her way through certificates and CP/CPS links and CRLs etc etc etc to 
determine whether or not to trust Bob.  But nobody should seriously expect 
to do this detective work manually.  Real killer apps for PKI usually have 
a machine acting as the Relying Party.  That is, "Alice" is e.g. a server 
processing incoming forms.  The checking of CRLs and CP/CPS etc (actually 
just comparing Policy OIDs) is done automatically.  

The other important point in email is that really good PKI apps do not 
involve transactions between total strangers, but instead involve parties 
which have a prior business relationship, which is readily instantiated in 
the form of a certificate issued by one of the parties to the other.  For 
example, a certificate standing for someone's qualification as a patent 
lawyer, or a licenced customs broker, or a registered medical 
practitioner.  The idea that you can determine a total stranger's 
trustworthiness from reading their digital certificate is not practical, 
indeed is almost fanciful.  

> (3) added: PKI specialists' fixation with end-to-end security in spite
> of that it is impossible to launch without taking down every app there
> is and rework not only the SW but the business processes as well.
> (usually by adjusting the "business logic" as this layer is in conflict
> with the client/user as the only authority).

Anders, I don't think implementing PKI always requires reworking all 
business processes and logic. In fact, the better PKI apps succeed by 
being overlaid on business processes without changing them.  For instance, 
if a paper medical prescription process works by writ of a doctor's 
licence to practice, then it's very smooth and efficient to issue a 
digital cert to the doctor that simply represents her medical registration 
(say with the medical authority acting as RA) and to apply digital 
signatures in e-prescribing software.  Usually this software is fat 
client, updated every quarter or so with a new version, and easily 
mopdified to call up some dig sig functions. 



Cheers, 

Stephen (the glass is always half full) Wilson.



Stephen Wilson
Lockstep Consulting Pty Ltd
ABN 59 593 754 482

11 Minnesota Ave
Five Dock NSW 2046
Australia

P +61 (0)414 488 851

--------------------

About Lockstep 
Lockstep was established in early 2004 by noted authentication expert 
Stephen Wilson, to provide independent advice and analysis on cyber 
security policy, strategy, risk management, and identity management.  
Lockstep is also developing unique new smartcard solutions to address 
privacy and identity theft. 
Contact swilson@lockstep.com.au.