Thor (Hammer of God) wrote/schrieb/scripsit:
>When I got my NIC handle untold years ago, only 561 other humans had one.
>Your logic would preclude getting one in the first place, since no one knew
>they existed at the time. When SSL certs were first being created
>commercially, how many server operators did you know that had one? How
>many do you know now? It's the same thing with client certs, and the logic
>stands that certificate applications apply to them as well; particularly in
>regard to the business and marketing models various certificate authorities
>are running their business by. That was the point.
Just like a NIC handle, a client certificate has no intrinsic value.
People get a NIC handle to use it in a specific process. Just like NIC
handles don't (anymore) work cross-registry, people will have to get
specific certificates to use in specific processes. It is only then
that certificates, being a complex technology, actually work when they
are dumbed down and sealed off sufficiently.
Server certificates are a slightly different thing, as their number is a
few magnitudes lower than the number of client certificates. It is only
economically viable to distribute knowledge if the number of ignorant
people is low enough.
-Stefan
--
junior guru SP666-RIPE JID:stefanp (at) jabber.de.cw (dot) net [email concealed] SMP@IRC
>When I got my NIC handle untold years ago, only 561 other humans had one.
>Your logic would preclude getting one in the first place, since no one knew
>they existed at the time. When SSL certs were first being created
>commercially, how many server operators did you know that had one? How
>many do you know now? It's the same thing with client certs, and the logic
>stands that certificate applications apply to them as well; particularly in
>regard to the business and marketing models various certificate authorities
>are running their business by. That was the point.
Just like a NIC handle, a client certificate has no intrinsic value.
People get a NIC handle to use it in a specific process. Just like NIC
handles don't (anymore) work cross-registry, people will have to get
specific certificates to use in specific processes. It is only then
that certificates, being a complex technology, actually work when they
are dumbed down and sealed off sufficiently.
Server certificates are a slightly different thing, as their number is a
few magnitudes lower than the number of client certificates. It is only
economically viable to distribute knowledge if the number of ignorant
people is low enough.
-Stefan
--
junior guru SP666-RIPE JID:stefanp (at) jabber.de.cw (dot) net [email concealed] SMP@IRC
[ reply ]