[cryptography] Let's go back to the beginning on this

Thierry Moreau thierry.moreau at connotech.com
Mon Sep 12 11:51:52 EDT 2011

In summary, Jon Callas wrote, about the challenges of ascertaining 

> The who who make you an authority are the community, 
> and they do it because you act like one.

This is just one of three models of identity assessment, prior to any 
technological component:

one's reputation in a community,

one's track record of past interactions with the relying party (e.g. 
account payment history), and

one's participation in a formal ceremony (e.g. applying for a passport).

The PGP vs PKI analysis puts emphasis on the first one, mainly because 
the PKI proponents has not been very explicit about identity assertion 
model. But the other two models are operating here and there in the IT 
security landscape.

- Thierry Moreau

CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, QC, Canada H2M 2A1

Tel. +1-514-385-5691

More information about the cryptography mailing list