Anders,<br><br>In Costa Rica there is definitely an interest, because there are already laws that require it. For example, since last year the Congress approved a "Digital Signature Law", that specifies that PKI is the actual technology to use. There is also lotīs of interest for OpenID because of the virtual personality constitutional amendment, so I will be forwarding locally the answers that your PKI&OID questions receive.
<br><br>Best regards,<br><br>Jaco<br><br><br><div><span class="gmail_quote">On 4/6/07, <b class="gmail_sendername">Anders Feder</b> <<a href="mailto:lists.anders@feder.dk">lists.anders@feder.dk</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I'm fairly new to this list, so please bear with me if this subject is<br>already well-understood.<br><br>It's my humble contention, completely without grounding in documented<br>research, that PKI has failed to proliferate as the standard platform
<br>for electronic communication for two reasons:<br><br>1. The incentive to acquire a personal public key is weak. The user must<br>actively seek out PKI solutions in order to have a key pair generated,<br>and the fact of the matter is that the vast majority of users don't even
<br>know what a public key is. Even if the user does manage to acquire a<br>public key, he will have little use for it since most of his peers<br>wouldn't know what to do with it.<br>2. There is no standard way of retrieving the public key of a recipient
<br>user, quite simply because the user is poorly defined outside of the PKI<br>- a retrieving agent wouldn't know where to look.<br><br>OpenID has the potential to solve both of these problems:<br><br>1. As OpenID is adopted across the Web, most users are likely to acquire
<br>an OpenID identifier. If every OP in addition help the user generate a<br>PKI keypair, the issue of public key proliferation is solved.<br>2. OpenID identifiers are URL's, which, by definition, happens to<br>identify a resource for which retrieval is well-defined. OpenID, on the
<br>other hand, defines how such a resource is unambiguously associated with<br>a user. If the user's public key is stored together with the OpenID<br>resource, the issue of public key retrieval is solved.<br><br>In other words, OpenID could be the final building block in the
<br>establishment of a global PKI. A global PKI, in turn, would have a<br>far-reaching impact on IT in general and information security in<br>particular. Exploiting this potential would require a standard protocol<br>for public key retrieval upon an OpenID identifier.
<br><br>* Is there any interest in the community to establish such a standard?<br>* Has any work already been done to this end?<br>* Or have there been other efforts to couple OpenID and PKI?<br>* Other thoughts?<br><br>Regards,
<br>Anders Feder<br>_______________________________________________<br>general mailing list<br><a href="mailto:general@openid.net">general@openid.net</a><br><a href="http://openid.net/mailman/listinfo/general">http://openid.net/mailman/listinfo/general
</a><br></blockquote></div><br><br clear="all"><br>-- <br>Jaco Aizenman L.<br>My iname is =jaco (<a href="http://xri.net/=jaco">http://xri.net/=jaco</a>)<br>Founder - <a href="http://www.virtualrights.org">
www.virtualrights.org</a><br>XDI Board member - <a href="http://www.xdi.org">www.xdi.org</a><br>Tel/Voicemail: 506-3461570 <br>Costa Rica<br><br>What is an i-name?<br><a href="http://en.wikipedia.org/wiki/I-name">http://en.wikipedia.org/wiki/I-name
</a>