The Global Internet Trust Register
The development of electronic commerce and other applications on the Internet is held up by concerns about security. Cryptography—the science of codes and ciphers—will be a significant part of the solution, but one of the hardest problems is enabling users to find out which cryptographic key belongs to whom. The main things that can go wrong with cryptography are similar to those that can go wrong with a signature stamp. A stamp can be stolen or counterfeit; or it may not belong to the person one thought it did. The first two risks can be controlled largely by technical measures. The third risk is the hard one, and the one that this book helps to solve.Many people who use cryptographic services on the Internet have had their keys certified by one or more of about a thousand important keys. The pioneers of cryptography hoped that these keys would in turn be certified by the United Nations or by each other, or listed in the phone book. For a variety of political and competitive reasons, this has not happened. The result is chaos, and the situation is bound to get worse as both companies and governments try to stake out claims in cyberspace. The primary aim of this book is to cut through the chaos by publishing the thousand or so important keys in paper form, as a kind of global phone book. The secondary aim is political: By printing these keys on paper, we can use established legal protections to limit government interference.
When we proposed digital signitures it was to enhance trust in an all-digital world. Nearly a quater of a century later, digital signitures are both widelyused and severely limited by the difficulty of obtaining the information required to verify the signititures of strangers. It is ironic that a printed book iss required to bridge the gap but, until the long-awaited public-key infrastructure is built, the Global Trust Register will be a valuable aid to those who need to verify digital signitures from beyond the bounds of their own organizations.
Witifield Diffie, Distinguished Engineer, Sun Microsystems, Inc.
An important tool to ensure trusted communication in a world where individual rights to privacy are under regulatory assault.
Jim Bidzos, President, RSA Dalta Security, Inc.