As a term, PKI suffers the same problem as ‘identity’ - it means different things to different people. Consequently, as a sector, it’s totally unreliable as a term. It can mean...
Infrastructure around PKs to make the PK do or mean something. OR
Identity system based on PKI, implying use of private key is proof of person. Or...
@Steve_Lockstep @joerosato @csuwildcat X.509-based PKI which locks in a particular technology *and* a set of meanings/doings which don’t work *and* a set of companies that extract rents for little benefit, which extraction works a treat.
So, 1st order question is, what is this person meaning when using the term PKI?
@Steve_Lockstep @joerosato @csuwildcat Without understanding that, it’s unlikely you’ll make much headway because everyone will be talking at cross-purposes.
But even then when you’ve established what the term means in this context, you have to also deal with an insidious problem:
2nd order question:...
@Steve_Lockstep @joerosato @csuwildcat What is the chance that some other meaning of PKI will be imposed over you later on? By some other group that believes in their PKI?
This occurs typically with X.509, which has been pushed by a particular sector as the one and only PKI.
@Steve_Lockstep @joerosato @csuwildcat It comes in after the agreement phase, when you get to building and standards. Most of the tech out there, and all of the standards assume X.509-based CA style activity. So your techies, your suppliers, your browser manufacturers are already aligned with this way, and...
This would be ok if it worked. But it doesn’t work. It only succeeds more or less in its very narrow claimed case. Anything else, it’s just not up to the job.
So let me ask - what did they mean by PKI?
@Steve_Lockstep @joerosato @csuwildcat Coming back to Microsoft - they’re generally ahead of the curve when it comes to Identity - see the 2000s and Stefan Brands, Kim Cameron’s 7 “laws” of identity.
But they’ve never been able to make it work, and the primary reason is the normal one...
@Steve_Lockstep @joerosato @csuwildcat Identity is a human thing, and PKIs in all their forms are built by technologists, so they are tech-problem focused. Doesn’t work.
Hence DIDs are basically an expression of Private/public key identifiers for people. Former part is “more important” than the latter.
@Steve_Lockstep @joerosato @csuwildcat Eg, self-sovereign is a reaction to privacy problems of big data. “I know, I’ll make everyone own their data! They will be sovereign.”
Also doesn’t work. None of these programmes will go anywhere until the techies stop being techies and start focussing on society and humans.
Here’s the part I wanted to highlight, which is important!
💥 "The prize that America truly seeks is to seize for itself over the coming decades, all global standards in leading-edge technology, and to deny them to China.” 👈 👆
As we move closer to November, it’s somewhat non-controversial to say this USA election is the most divisive in living memory. I at least can’t recall one as divisive. 1/34
Reasons are obvious but I want to point out one reason that isn’t obvious, it’s the “NEVER TALK ABOUT…” rule.
Here’s the flaw: SAC is a flag that says signature verification and RMA (Relationship Management Application) authorisation and verification was successful.
Let me say that more clearly: SAC says verification is done. 2/
The flaw is this: the SAC isn’t the authorisation - it’s a flag saying there was an auth. Which means, in short, SWIFT messages do not carry any role-based authorisations.
They might be authorised, but it’s like they slapped a sticker on to say that.
Ijiri's third entry is a derivative of two successive accounting entries, making it like momentum in physics. Therefore, he suggests, we could in effect use this 'calculus' technique on accounting records to predict the future direction of activity. 2/10
Although everyone wants to know the future, I am not comfortable with the notion that you can measure momentum by doing a 'calculus' over accounting records. As his third entry is derivative information, I suspect that its conceptual value (use) is limited by fraud / deception. 3/10
The One True Cipher Suite was born of watching projects and groups wallow in the mire of complexity, as doubt caused teams to add multiple algorithms - a complexity that easily doubled the cost of the protocol with consequent knock-on effects & costs 2/7
The One True Cipher Suite was widely ridiculed in crypto and standards circles. Developers and standards groups like the IETF just could not let go of crypto agility. This sacred cow led the TLS group to field something like 200 standard suites 3/7