|
A complex way of administering large
public key encryption schemes. The use of encryption to conceal or
authenticate the contents of messages between two people is simple enough,
but it becomes significantly harder as the number of regular communicants
grows. A global company doing business electronically, such as a bank, must
find a way not just to publish the public keys of everybody on the network
(including employees, suppliers and customers), but also to evaluate the
extent to which everyone should trust each other. Anne may trust Bill, for
example, who in turn trusts Carla; but Carla may not trust either Anne or
Bill, and so requires each of them to prove that their credentials are still
valid every time they communicate.
As the number of people in this
web grows, the problem of managing the relationships becomes severe. Public
key infrastructure (PKI) schemes handle this with hierarchical certification
programs, which associate public keys with individuals or organisations, and
validation schemes, which verify that a certificate is still valid. There
are many other problems for PKI designers to solve: one is
irrefutability, or the ability to say with certainty that an individual
definitely signed a document or wrote a message. Such issues have many
legal and social aspects as well as technical ones, further increasing the
difficulty of implementing PKI on a wide scale. |