examples of comparative negligence The role of trust in certification
: I don't need to corrupt the entire bank in order to adjust your account
: balance, a single corrupt clerk (or perhaps branch manager) can do it.
: Of course, there's a good chance that eventually, come audit time, this
: will be caught

<< stuff snipped

So my hope is that banks become the certification authorities. Recall that at least in the US, banks used to have trust as their middle name, XYZ Bank and Trust Co., for example. The whole banking system is based on trust. You trust the bank to pay your checks, because they are intrinsically worthless. It seems that the digital signature issue and certificates are not really much of a stretch from that. We have the procedures in place to handle this.

The problem I see with banks becoming CAs is that at some point you are going to want a customer at Bank A to do business with a merchant who is a customer of Bank B. This is where the trusted third party is useful, somehow Bank B has to know that (a) the certificate signed by Bank A is real and (b) that Bank A is a trustworthy individual to sign the certificate in the first place. My understanding is that the TTP will be the body that allows this, banks will most certainly be CAs but there will still need to be a body above them.

The comments are interesting under the light of trust - or, what is it? When the message discussed whether certificates are trustful because they certify, or certify because they are trustful, the conclusion was that we should take the subjective stance, ie, the user's

:The consolation is that a thorough audit trail actually gets people their
:money back!

I wouldn't trust that to be true.

[many excellent points snipped]

I'm not sure I would either, for the reasons you mentioned. What I should have written (but which may be equally flawed) is this:

A thorough auditing system combined with a secret-sharing protocol (two things which I believe to exist now, but which more importantly _can_ exist in a large organization) may be used to minimize risk assumed by a trusted party, thus making it possible for banks (or other organizations dealing in 'trust') to insure the assets with which they are trusted.

Where there is a protocol, there is a way to subvert it, but it can be made difficult to the point of near-futility.

-Jared

The problem I see with banks becoming CAs is that at some point you are going to want a customer at Bank A to do business with a merchant who is a customer of Bank B. This is where the trusted third party is useful, somehow Bank B has to know that (a) the certificate signed by Bank A is real and (b) that Bank A is a trustworthy individual to sign the certificate in the first place. My understanding is that the TTP will be the body that allows this, banks will most certainly be CAs but there will still need to be a body above them.

I don't think a trusted third party is required in this situation, though it's true that A and B have to be able to trust each other, or at least the validity of the certificates passed between them.

Bank A and Bank B need to formally (either with a signing of contracts or a shaking of hands, etc) recognize each other as 'trusted'. They do this _before_ customer A wants to do business with customer B, in lieu of going through the 'trusted third party' bottleneck.

In X509v1, there was no way to extend certificates beyond the core specification, but this has changed. In X509v3 there is a way to attach extra information at the end of a certificate, and this is relevant.

CAa is the CA owned and operated by bank A, and CAb is the CA owned and operated by bank B. A customer of Bank A needs to verify the legitimacy of a certificate given to him by a customer of Bank B.

The extra attributes in X509v3 certs can be used to establish chains of trust. The agreement between Bank A and Bank B can be reflected in a certificate attribute. Customer A checks the attribute list at the end of customer B's certificate, looking for an endorsement from CAa (the bank already trusted by customer A). That endorsement would be verifiable, as it would be signed by CAa.

If customer A did not find such an endorsement, he would call Bank A and complain, much in the way people call up their local cable operator and ask for subscriptions to M2... Bank A, in the interest of keeping the business of customer A, would investigate Bank B and attempt to forge an agreement.

Corollary: Bank A does not have to _directly_ trust Bank B. If Bank A trusts a bank that trusts Bank B, customer A has reason to trust Bank B. It is at the discretion of customer A to accept or reject such an endorsement, just as it is at customer A's discretion to accept or reject the endorsement of Bank A itself. The chains of trust are of variable length.

-Jared

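The chain-of-trust check from the post above, as an added example that is not part of the original thread. It substitutes standard cross-certificates (CAa signing CAb's key) for the endorsement attribute the post places in customer B's certificate; the third bank CAc, the two-letter endorsement notation and the function names are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue certifies (cn, pub) in the issuer's name with the issuer's key; issuer == cn is self-signed.
func issue(cn string, use x509.KeyUsage, pub ed25519.PublicKey, issuer string, key ed25519.PrivateKey) *x509.Certificate {
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		KeyUsage: use, IsCA: use == x509.KeyUsageCertSign, BasicConstraintsValid: true}
	parent := &x509.Certificate{Subject: pkix.Name{CommonName: issuer}} // carries just the issuer name
	der, err1 := x509.CreateCertificate(rand.Reader, t, parent, pub, key)
	c, err2 := x509.ParseCertificate(der)
	if err1 != nil || err2 != nil {
		panic(fmt.Sprint(err1, err2))
	}
	return c
}

// PathLen returns the length of the verified chain from customer B's certificate to CAa, or 0 if none exists.
func PathLen(endorsements ...string) int {
	pub, key := map[byte]ed25519.PublicKey{}, map[byte]ed25519.PrivateKey{}
	for _, b := range []byte("abc") { // constructed banks A, B and C
		pub[b], key[b], _ = ed25519.GenerateKey(rand.Reader)
	}
	custPub, _, _ := ed25519.GenerateKey(rand.Reader)
	custB := issue("customer B", x509.KeyUsageDigitalSignature, custPub, "CAb", key['b'])
	roots, links := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(issue("CAa", x509.KeyUsageCertSign, pub['a'], "CAa", key['a'])) // customer A's only trust anchor
	for _, e := range endorsements { // "xy" means CAx signs CAy's key (a cross-certificate)
		links.AddCert(issue("CA"+e[1:], x509.KeyUsageCertSign, pub[e[1]], "CA"+e[:1], key[e[0]]))
	}
	chains, err := custB.Verify(x509.VerifyOptions{Roots: roots, Intermediates: links, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	if err != nil {
		return 0
	}
	return len(chains[0])
}

func main() {
	fmt.Println(PathLen(), PathLen("ab"), PathLen("ac", "cb"), PathLen("cb")) // 0 3 4 0
}
```

The last case shows that an endorsement from CAc counts for nothing unless CAa has in turn endorsed CAc.
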
the endorsement of Bank A itself. The chains of trust are of variable length.

and as strong as their weakest _link_, btw...

-j

somehow Bank B has to know that (a) the certificate signed by Bank A is real and (b) that Bank A is a trustworthy individual to sign the certificate in the first place. My understanding is that the TTP will be the body that allows this, banks will most certainly be CAs but there will still need to be a body above them.

Something above is not necessary. Bilateral contracts work just as well, and are more flexible. One can talk about how the banking industry works, but then keep in mind that relationships between nation-level banks (and other institutions of that type) aren't generally hierarchical.