Paradigm Shift? Digital Currency 14 - Who Do You Trust?
20 years ago, if someone had been astute, the LDS Electronic Commerce Services would have included the LDS being "THE CA" or Certificate Authority for the registration of public keys.
To provision this service would require the following three elements.
Public Key Cryptography
There are two main uses for public-key cryptography: Public-key encryption and Digital signatures.
An analogy to public-key encryption is that of a locked mail box with a mail slot. The mail slot is exposed and accessible to the public – its location (the street address) is, in essence, the public key.
Anyone knowing the street address can go to the door and drop a written message through the slot. However, only the person who possesses the key can open the mailbox and read the message.
An analogy for digital signatures is the sealing of an envelope with a personal wax seal. The message can be opened by anyone, but the presence of the unique seal authenticates the sender.
The PKI
A public key infrastructure (PKI) is a system for the creation, storage, and distribution of digital certificates which are used to verify that a particular public key belongs to a certain entity.
The PKI creates digital certificates which map public keys to entities, securely stores these certificates in a central repository and revokes them if needed.
A PKI consists of:
A certificate authority (CA) that both issues and verifies the digital certificates
A registration authority which verifies the identity of users requesting information from the CA
A central directory—i.e., a secure location in which to store and index keys
A certificate management system
A certificate policy
Public key systems, sometimes called asymmetric key systems use two keys, a public key and a private key.
In a two key system everyone has two related complementary keys, a publicly revealed key and a private key known only to the holder.
Although different, the two parts of this key pair are mathematically linked.
The public key is used to encrypt plaintext or to verify a digital signature; whereas the private key is used to decrypt ciphertext or to create a digital signature.
The CA
20 years ago, the LDS Electronic Commerce Services could have included LDS being THE CA or Certificate Authority for the registration of public keys.
LDS could have provided a legally binding proof of identity for internet transactions, fast validation and issuance, increased trust, peace of mind, improved efficiency, cost effectiveness, ease of use, etc.
A certificate authority (CA) is an organization that stores public keys and their owners and every party in a communication trusts this organization (and knows its public key).
A CA issues digital certificates that contain a public key and the identity of the owner. The matching private key is not made available publicly, but kept secret by the end user who generated the key pair.
The certificate is also a confirmation or validation by the CA that the public key contained in the certificate belongs to the person, organization, server or other entity noted in the certificate.
A CA's obligation in such schemes is to verify an applicant's credentials, so that users and relying parties can trust the information in the CA's certificates.
CAs use a variety of standards and tests to do so. In essence, the certificate authority is responsible for saying "yes, this person is who they say they are, and we, the CA, certify that".
If the user trusts the CA and can verify the CA's signature, then (s)he can also assume that a certain public key does indeed belong to whoever is identified in the certificate.
Unlike the "visionary" leadership at LDS who were too busy "washing their tights", you think about it...
when you want legally binding certified registered signature required delivery... Hubba, Hubba, Who Do You Trust?
More to come
Paradigm Shift? Digital Currency 15 - Better to Burn Out?
Paradigm Shift? Digital Currency - Index
To provision this service would require the following three elements.
Public Key Cryptography
There are two main uses for public-key cryptography: Public-key encryption and Digital signatures.
An analogy to public-key encryption is that of a locked mail box with a mail slot. The mail slot is exposed and accessible to the public – its location (the street address) is, in essence, the public key.
Anyone knowing the street address can go to the door and drop a written message through the slot. However, only the person who possesses the key can open the mailbox and read the message.
An analogy for digital signatures is the sealing of an envelope with a personal wax seal. The message can be opened by anyone, but the presence of the unique seal authenticates the sender.
The PKI
A public key infrastructure (PKI) is a system for the creation, storage, and distribution of digital certificates which are used to verify that a particular public key belongs to a certain entity.
The PKI creates digital certificates which map public keys to entities, securely stores these certificates in a central repository and revokes them if needed.
A PKI consists of:
A certificate authority (CA) that both issues and verifies the digital certificates
A registration authority which verifies the identity of users requesting information from the CA
A central directory—i.e., a secure location in which to store and index keys
A certificate management system
A certificate policy
Public key systems, sometimes called asymmetric key systems use two keys, a public key and a private key.
In a two key system everyone has two related complementary keys, a publicly revealed key and a private key known only to the holder.
Although different, the two parts of this key pair are mathematically linked.
The public key is used to encrypt plaintext or to verify a digital signature; whereas the private key is used to decrypt ciphertext or to create a digital signature.
The CA
20 years ago, the LDS Electronic Commerce Services could have included LDS being THE CA or Certificate Authority for the registration of public keys.
LDS could have provided a legally binding proof of identity for internet transactions, fast validation and issuance, increased trust, peace of mind, improved efficiency, cost effectiveness, ease of use, etc.
A certificate authority (CA) is an organization that stores public keys and their owners and every party in a communication trusts this organization (and knows its public key).
A CA issues digital certificates that contain a public key and the identity of the owner. The matching private key is not made available publicly, but kept secret by the end user who generated the key pair.
The certificate is also a confirmation or validation by the CA that the public key contained in the certificate belongs to the person, organization, server or other entity noted in the certificate.
A CA's obligation in such schemes is to verify an applicant's credentials, so that users and relying parties can trust the information in the CA's certificates.
CAs use a variety of standards and tests to do so. In essence, the certificate authority is responsible for saying "yes, this person is who they say they are, and we, the CA, certify that".
If the user trusts the CA and can verify the CA's signature, then (s)he can also assume that a certain public key does indeed belong to whoever is identified in the certificate.
Unlike the "visionary" leadership at LDS who were too busy "washing their tights", you think about it...
when you want legally binding certified registered signature required delivery... Hubba, Hubba, Who Do You Trust?
More to come
Paradigm Shift? Digital Currency 15 - Better to Burn Out?
Paradigm Shift? Digital Currency - Index
Comments
Coinpedia.org | currency encyclopedia | List your Coin