How to Build Evidence in a Public-Key Infrastructure for Multi-Domain Environments
University of Cambridge, UK
Universita' di Torino, Italy
We discuss here some of the issues that must be considered
to build evidence in an appropriate way in a public-key infrastructure (PKI).
Despite the fact that one of the most recurrent motivation by
papers advocating the necessity of a PKI, is to support
electronic commerce, all the new proposals of PKIs do not define any
procedure to specify which evidence must be collected and in which form,
when users carry out a commercial transaction.
We think that this is an important issue that requires more attention especially if
Internet will succeed to became a marketplace as many people hope.
In the conventional
world, evidence plays a very important role in any dispute
resolution that can occur.
Besides all the services and applications that we can provide to users to
facilitate them to buy through the use of PCs, we have to provide
them by a sufficiently well founded guarantee that they will be
safeguarded against frauds attempts and malicious behaviours.
In this paper, we describe which facilities a PKI must provide
in order to build the evidence needed to get that guarantee.
Here the full paper in poscript format.
This paper has been published in the
Proceedings "Security Protocols International Workshop",
April 7-9, 1997 Paris, France, Springer-Verlag LNCS vol.1361 pp. 53-65.