My apologies. I'll keep it simple.
A CA is a "certification authority". They issue keys
(called "certificates") to people and organisations.
The major roles of a CA are:
- verify the person's identity.
- issue a private key to that person.
- provide that person's public key to others.
all in a cryptographically secure fashion.
The other jargon word is "trust" -- this has a cryptographic
meaning close to the phrase "certain of identity".
Considering a transaction between two people that do not
trust each other that needs to be cryptographically secured:
a typical example is purchasing an item over the Internet.
If both people trust the CA, then they can obtain keys from
it and the transaction can proceed.
In the real world, and for good reasons, there are many
CAs. Thus you can end up with a case a web of trust like
this:
person <--trusts--> CA1 <--trusts--> CA2 <--trusts--> vendor
where CA1 and CA2 have made prior arrangement to trust the
other. As this web of trust extends, it gets less
reliable. For example, a CA could be the "Bank of Middle
Mongolia" which neither "person" or "vendor" would trust to
verify the other body's identity in a pink fit.
The usual solution to this is to make the intermediate CAs
extremely trustworthy. For example, a central bank, an
international treaty organisation, and the like.
The other reason for doing this is to avoid subversion of
the intermeiate CAs. For example, a criminal organisation
could very well purchase the "Bank of Middle Mongolia", but
is unlikely to sucessfully infiltrate an international
treaty organisation.
A related issue is one of national sovereignty. Imagine a
successful e-commerce system (eg: 5% of all transactions by
value are electronic) with the most commonly used CA being
outside the nation's control. If this CA fails (by
subversion, or just simple mis-management and bankruptcy),
then that nation's financial infrastructure has just died,
no rapid action of the nation's government can have an
effect, and a recession is ensured.
Thus it is in the nation's (ie: you and me in our roles as
individuals and businesses) interest to at least verify the
identity of CAs and to ensure the operation of the CAs used for
financial transactions in that nation's currency.
<opinion>
IMHO, the most cost-effective way of doing this is for the
Reserve Bank to act as a registration authority for CAs that
provide certificates for financial transactions in
Australian financial instruments. The Bank does this by
providing a small but secure CA that provides certificates
for the CAs the Bank has registered. The Reserve Bank is
appropiate as:
- it already has responsibility for the stablitity of the
currency.
- it is, for other reasons, unlikely to be subverted.
- it has appropiate physical security.
- it cannot, by definition, fail due to mismanagement (if
it does so, then the nation, for all intents and purposes
related to commerce, has also failed and no significant
commerce will take place in that nation's currency).
- it already has supervisory powers over the likely owners
of CAs, and this could readily be extended.
Note that I'm not suggesting that the RBA register *all* CAs
used for *all* purposes -- this would be highly inappropiate
as the RBA itself should not be trusted for some
non-financial messages (if fact, it is simple to prove that
there is no one body that can be trusted for all messages).
I suggest that the proposed "peak body" would simply end up
implementing a structure that looks almost identical to that
described above, with the associated costs of replication of
physical and legislative infrastructure.
</opinion>
-- glen.turner@itd.adelaide.edu.au Network Support Specialist Tel: (08) 8303 3936 Information Technology Division Fax: (08) 8303 4400 University of Adelaide SA 5005