Abstract :
Many security protocols in use today were designed under the assumption that some form of global distributed public key infrastructure would eventually emerge to address key management problems. These protocols go back to the early 1990s, when a universal PKI was thought to be just around the corner. Ten years later, it´s still just around the corner, and it probably always will be. Consequently, existing protocols originally designed to rely on a global PKI must either employ ad hoc solutions or use any public key that turns up, because the only alternative is not to use any keys at all. In the absence of a PKI, system administrators can incorporate alternative approaches that are easy to use, transparent to end users, and have a low unit cost.
Keywords :
message authentication; public key cryptography; distributed public key infrastructure; public key management; security protocol; system administrator; universal PKI; Application software; Computer security; Content addressable storage; Costs; Fingerprint recognition; Open source software; Protocols; Public key; Recycling; Web server;
