Open Loop PKI
Open Loop PKI (issued for arbitrary use)
- certificates issued for various purposes
- issued by an issuer without knowledge of relying parties
- in an open and potentially unbounded environment
- risk/trust coded into certificate and backed by CPS
- trust a big issue if the certificates are to be saleable ; only saleable if people will accept them
- open loop PKI here ; but not in a real hard commercial way
- authorisation can be coded explicitly or implicitly in the certificate
- major need for revocation or on-line certificate verification linked with reliance management services
- major need for water-tight Certificate Practice Statements
- business opportunities depend on the surrounding model
Value of PKI here is creativity - a business tool