Principal, Xamax Consultancy Pty Ltd, Canberra
Visiting Fellow, Department of Computer Science, Australian National University
Version of 6 May 1998
© Xamax Consultancy Pty Ltd, 1998
This document is at http://www.rogerclarke.com/DV/PKIPosn.html
2. The Objectives of PKI
3. Conventional, Hierarchical PKI
4. Requirements of a PKI
5. Resolving the Conflicts
6. The Way Ahead
The design of public key infrastructure (PKI) has very considerable implications for public policy. There are a number of architectural aspects of PKI that are especially critical to its acceptability to the business community and to the public generally. This document summarises the position adopted by Roger Clarke as public interest advocate, and as Principal of Xamax Consultancy Pty Ltd, in relation to PKI architecture.
The intention of PKI is that it provide a basis for confidence in the reliability of electronic messaging.
PKI is needed in multiple settings, in particular:
A fundamental requirement is that the quality of authentication (variously of identity, of the eligibility of individuals and organisations, and of value) be sufficient, taking into account the purpose for which it is used.
Authentication quality is, however, only one consideration. If consumers and businesspeople perceive a PKI as being authoritarian, or unduly invasive into information privacy, or as imposing unduly on people's behaviour, then PKI would actually decrease public confidence in EC and ESD.
All forms of PKI necessarily involve some degree of intrusiveness, in order that sufficient quality can be achieved.
Conventional hierarchical PKI are especially severe in this respect. They commonly have some or all of the following features:
Current X.509 v.3 certificates go so far as to permit an agent of an organisation to protect their personal identity through the use of a role-title; but they preclude an individual (referred to as a 'residential person') from having that capability. Moreover, some implementations may preclude a residential person from possessing multiple personal key-pairs, even though the same person is permitted to possess multiple key-pairs for organisations that they represent.
Some schemes even involve the key-pair generation process being compulsorily performed by some organisation on behalf of individuals, and compulsory storage (or 'escrow') of the private key.
Individuals, including not only consumers, but also employees and contractors, and especially in sensitive occupations, will not be confident in a conventional, hierarchical PKI.
To avoid such seriously negative implications, and consequential public opposition, a PKI needs to have the following characteristics:
The question of role-related key-pairs is especially critical. Public concerns about privacy-invasive behaviour among governments and corporations are at their greatest where organisations are able to combine information about an individual from multiple sources. From the individual's perspective, the most trustworthy approach is not to rely just on legislated privacy protections, with their manifold exceptions, but also to deny organisations the ability to correlate information.
The interests of individuals are therefore well-served by role-specific and/or organisation-specific identities and key-pairs, and are seriously threatened by a requirement that they use a single key-pair with all organisations, or with all organisations of a particular category, such as the Commonwealth Government.
These concerns apply in equal measure to certificates and to key-pairs. The reason for this is that if only a single certificate is used for each person, then the identifier of the certificate provides the means to consolidate information about the person.
This document has highlighted the fundamental tension that exists between the needs of reliability in electronic messaging, on the one hand, and the interests of individuals in privacy-protection, on the other: the requirements listed in the previous section represent a potential threat to the authentication quality that a PKI can deliver.
Analyses performed by myself and others, in several different contexts, lead to the conclusion that all of these conflicts are capable of resolution, provided that all requirements are factored into the design activity.
In short, any PKI initiative that is approached as a mere technical exercise in applied public key cryptography is doomed to failure. It is essential that initiatives commence by appreciating and defining both the technical needs and the social requirements, such that the design of the infrastructure satisfies all of the needs.
Conventional, hierarchical PKI may be appropriate in contexts where authority is clearly defined. This includes defence organisations, internal communications within organisations, and communications within a layer of government. In particular, federal government agencies may find such an approach appropriate as a means of authenticating messages between agencies, and to confirm the eligibility of an individual to communicate on behalf of an agency. Initiatives in this area may be reasonably described as Government Public Key Infrastructure (GPKI).
Even in these cases, however, considerable care may be necessary in respect of the interests, and particularly the physical safety, of employees, especially those in sensitive occupations.
There have been proposals that a GPKI of this nature be applied also to clients of government, including:
It has even been mooted that a GPKI could in some way support EC between businesses, and between businesses and consumers.
Any such extension of a conventional, hierarchical GPKI beyond the bounds of the public sector will be met with serious scepticism by members of the public and businesspeople alike.
Conventional, hierarchical PKI will require very considerable adaptation and specialisation if they are to meet the complete set of needs. Among other things, the definition of distinguished name and the X.509 certificate identifier both need to be generalised, in order to support pseudonymity for individuals as well as for organisational agents.
Web-of-trust approaches to PKI were conceived with some of the public policy needs in mind, and appear to offer much greater promise. Although web-of-trust PKI standards are at this stage less technically developed than those for hierarchical schemes, the delay involved in maturing them may be no longer than that necessary to re-engineer hierarchical schemes to address the full set of public confidence requirements.
A key determinant of the degree of public confidence in EC and ESD will be the nature of the PKI that is used. Government initiatives in relation to PKI must therefore reflect the vital public policy issues involved, and not merely the quality of authentication.
Any Government policy to mandate a conventional, hierarchical PKI, or even to implement one in the expectation or hope that it would extend to entities or people outside the public sector, would be to the serious detriment of public confidence in EC and ESD.
Government actions should be designed to encourage the emergence, maturation and application of PKI that satisfy the full set of needs.
Created: 29 April 1998 - Last Amended: 6 May 1998 by Roger Clarke - Site Last Verified: 15 February 2009