[OpenID] openid query

Martin Paljak martin at paljak.pri.ee
Fri Feb 29 10:50:01 UTC 2008 

A bit OT, but something I always want to say when there is a  
discussion about trust and technology.

IMHO trust is a very personal *decision* based on facts, not a fact by  
itself. There is no universal "trust" that stems from technology.

In Estonia, when people say they don't trust the smart card technology  
which the national eID is based upon or they don't trust the  
government issuing them, I always reply with this:

"I believe it is OK to communicate using a technology you don't trust,  
given to you by a party you don't trust, with a government you don't  
trust anyway. If you lack trust in the first place, why bother if it  
makes your life easier?"

I, for example, trust the technology behind smart cards. But I might  
have issues with the government. And this zeros the final "trust  
decision" made by me, no matter how good the technology might be.

For me, all technologies that imply some kind of universal built in  
trust (like PKI) are therefore broken by design.

So instead of building a uniform trust model into OpenID, lets give  
all parties (users, consumers, providers) means to make a good trust  
*decision* based on different inputs. Like PAPE.




On Feb 29, 2008, at 11:29 AM, Nat Sakimura wrote:
> But what does it take to get a cert? Very little.
>
> That is why it does not solve the trust problem.
>
> (EV Certs are another initiative to solve this trust problem,  
> though. )
>
> Nat
>
> 2008/2/29, Vipin Rathor <v.rathor at gmail.com>:
>> hi,
>>
>>
>>
>>> This only solves the problem of eavesdropping, not trust.
>>
>> I'm disagree with this. As per my understanding, the digital
>> certificate provides integrity, authentication and non-repudiation.
>> (http://en.wikipedia.org/wiki/Public_key_certificate). And with the
>> help of trusted third-party (CA), it provides trust relationships.
>>
>> Is there something with OpenID requirements, that I'm not getting?
>> Please help me out...
>>
>>
>> -- Rathor
>>
>> _______________________________________________
>> general mailing list
>> general at openid.net
>> http://openid.net/mailman/listinfo/general
>>
>
>
> -- 
> Nat Sakimura (=nat)
> http://www.sakimura.org/en/
> _______________________________________________
> general mailing list
> general at openid.net
> http://openid.net/mailman/listinfo/general

-- 
Martin Paljak
http://martin.paljak.pri.ee
+3725156495

More information about the general mailing list