Mok-Kong Shen
2015-08-16 09:31:13 UTC
In countries like Germany each citizen has an identity card that is
issued by the registration authority. Since the identity of a person is
thus in a sense created by that authority, why not let it also to
directly certify the public key of any citizen who desires to employ
asymmetric encryption? I mean the person would on that occasion have
his identity be once again checked by the authority (presumably much
better, certainly not worse than, any common CAs) and then have his
public key be entered (for a moderate charge) into a list of public
keys that is freely accessible to the public at computer terminals of
all offices of the registration authority. This way, the issue of trust
on the common CAs (or their equivalents) could be avoided.
M. K. Shen
issued by the registration authority. Since the identity of a person is
thus in a sense created by that authority, why not let it also to
directly certify the public key of any citizen who desires to employ
asymmetric encryption? I mean the person would on that occasion have
his identity be once again checked by the authority (presumably much
better, certainly not worse than, any common CAs) and then have his
public key be entered (for a moderate charge) into a list of public
keys that is freely accessible to the public at computer terminals of
all offices of the registration authority. This way, the issue of trust
on the common CAs (or their equivalents) could be avoided.
M. K. Shen