P2P, Web Services, Wireless, and Beyond
O'Reilly Emerging Technology
Westin Santa Clara
May 13-16, 2002 -- Santa Clara, CA
Building on the momentum and excitement of the O'Reilly Peer-to-Peer and Web Services Conference.
Why Current Public-Key Infrastructures are a House of Cards
Richard Forno, CTO, Shadowlogic
Date: Tuesday, May 14
Time: 5:15pm - 6:00pm
This co-authored essay (picked up by several publications, including ST&D
Magazine, Communications of the ACM, and more) examines the reality of the
alleged "trust" services provided by PKI companies, particularly in light of
how VeriSign was duped into generating two Class 3 digitial certificates to
imposters claiming to be from Microsoft. To get a Class 3 from VeriSign
reportedly means an in-depth verification of the requestor's credentials.
This essay shows where the current PKI environment is flawed, proposes some
solutions, and wonders if PKI is really necessary for everyone.
oreilly.com Home |
O'Reilly Bookstores |
How to Order |
About O'Reilly |
Affiliated Companies |
© 2002, O'Reilly Media, Inc.