Big banks and telcos backing digital identity supercluster bid | IT World Canada News
I wonder if they'll provide X.509 certificates for individuals. While many people use them (and some use PGP/GPG) the big issue for so many is convenience. In companies that use a directory server, it's a simple matter to get the certificates for anyone else in the company, making it real easy to send encrypted email. Otherwise, you have to arrange for certs on your own and then send a signed message, so that the other person can send you an encrypted email. Of course, many people haven't even heard of email encryption. A few years ago, CIBC was offering X.509 certificates for customers, but I believe they could only be used for banking business, such as applying for loans etc. I don't know if they're still doing it. What we need for encrypted email to really take off is a server where you can automatically find anyone's public certificate, when you send an email, just as can be done with directory servers. BTW, my first experience with this was at IBM, 20 years ago, when the Lotus Notes servers supplied the certificates to anyone sending email. Previously, I had experimented with PGP, as others at the OS/2 users group had, but never really used it for much. http://www.itworldcanada.com/article/big-banks-and-telcos-backing-supercluster-bid-trying-to-revamp-identification-system/396894?sub=&utm_source=146611&utm_medium=dailyitwire&utm_campaign=enews&scid=25500026-e051-fb59-fe14-4e601d1fadd4
On 22/09/17 02:40 PM, James Knott via talk wrote:
I wonder if they'll provide X.509 certificates for individuals. While many people use them (and some use PGP/GPG) the big issue for so many is convenience. In companies that use a directory server, it's a simple matter to get the certificates for anyone else in the company, making it real easy to send encrypted email. Otherwise, you have to arrange for certs on your own and then send a signed message, so that the other person can send you an encrypted email. Of course, many people haven't even heard of email encryption. A few years ago, CIBC was offering X.509 certificates for customers, but I believe they could only be used for banking business, such as applying for loans etc. I don't know if they're still doing it. I would rather have a separate certificate for each supplier: One might be (dave & bank X), another (joyce and dave & bank x) and a third be (dave & credit-card-company Z).
Having a single proof of identity poses a problem when you have to revoke it because you used it for (dave & scammer W) --dave -- David Collier-Brown, | Always do right. This will gratify System Programmer and Author | some people and astonish the rest davecb@spamcop.net | -- Mark Twain
On Fri, 22 Sep 2017 15:37:53 -0400 David Collier-Brown via talk <talk@gtalug.org> wrote:
I wonder if they'll provide X.509 certificates for individuals. While many people use them (and some use PGP/GPG) the big issue for so many is convenience. In companies that use a directory server, it's a simple matter to get the certificates for anyone else in the company, making it real easy to send encrypted email. Otherwise, you have to arrange for certs on your own and then send a signed message, so that the other person can send you an encrypted email. Of course, many people haven't even heard of email encryption. A few years ago, CIBC was offering X.509 certificates for customers, but I believe they could only be used for banking business, such as applying for loans etc. I don't know if they're still doing it. I would rather have a separate certificate for each supplier: One might be (dave & bank X), another (joyce and dave & bank x) and a
On 22/09/17 02:40 PM, James Knott via talk wrote: third be (dave & credit-card-company Z). Having a single proof of identity poses a problem when you have to revoke it because you used it for (dave & scammer W) --dave
agreed, and... there are positives for everyone, but there are many reasons this has never really taken off much... (the tech is decades old) but the world (and societies) seem to be changing... (the usa seemingly the quickest of all, maybe ca also...) there are, as there has always been, a lot more negatives for individuals than there are negatives for large telco's, banks and govs Andre
participants (3)
-
ac -
David Collier-Brown -
James Knott