11 Jul 2001
(updated 12 Jul 2001 at 00:10 UTC) »
OK, so here's my basic proposal for a net-wide
Trusted third party authentication (Kerberos-like). User
need not trust service and vice versa - instead, they
negotiate use of an aauthentication server they both trust.
Ideally, we don't want to entirely trust any one
authentication server, or perhaps even any one
authentication service provider, but this is deep magic to me.
Users and services generate their own public keys, a la
PGP. Paying a CA just to have a key is not on - paying for
one to trust your key may be. Especially a CA that actually
looks at you, takes photos, affidavits and skin samples, and
will then commit to an authentication reliability guarantee
which high-security applications will require
We'll need to be able to implement a client on a smart card.
We'll need to implement a client in IE and Mozilla somehow.
We'll need to do it all fast, before Microsoft and AOL
Pluggable encryption schemes would be nice. Ideally the
encryption scheme would be implemented in a portable
bytecode of some kind. Crypto codec could possibly be
negotiable between client, server and authenticator. The
service protocols will probably be more vulnerable than the
encryption algorithms, so this may not really be
cost-effective, but it's worth thinking about.