Ok, this is all making sense... you're agreeing that identity can be established by recurrent email/posting, and saying that having not just the email address but the fingerprint as an element of that identity ties the key in far more tightly? If this is what Ellison is advocating, then I can see his point on this count. Or does he mean that your fingerprint should *be* your address?
Time to update my sig, anyway.
If, as is then possible with G/PG/P, you *can* tie a key to an identity (even if it takes time) - and have a comparatively open and interoperable standard, I think that the blanket statement 'PKI needs to die' is incorrect. It would seem that PKI *can* work, with a little help (by people establishing sufficiently unique and non-copiable identities as a factor of the key).
Partial, vendor-driven PKI solutions with repeated/copyable identities are evidently a very different matter.
Date: 2002-06-11 06:02 am (UTC)