Public Key Infrastructure: An Artifact...
Lynn.Wheeler at firstdata.com
Lynn.Wheeler at firstdata.com
Tue Nov 14 08:01:14 PST 2000
As an aside ... AADS (http://www.garlic.com/~lynn/ ) relies on existing business
processes that provide secure bindings in account records ... just adding public
key & digital signature to existing authentication processes for
non-face-to-face and/or face-to-face transactions (i.e. the meaning of what is
in the account bindings continues to be what the business processes have defined
those meanings to be).
existing e-commerce is straight forward because it operates almost totally
within existing account-based business processes ... and the business
transactions tend to include more complex bindings from the acocunt records
(than just authentication) ... things like real-time credit-limit, open-to-buy,
running totals, month-to-date and/or year-to-date activity, etc.
the original PKI target from the early '80s for offline email authentication was
a problem since it mostly any kind of authentication binding processes.
"R. A. Hettinga" <rah at shipwright.com> on 11/11/2000 11:25:35 AM
Please respond to "R. A. Hettinga" <rah at shipwright.com>
More information about the Testlist
mailing list