PKI Does Work in the Real World
PKI is typically the object of much scorn: something this inherently dependent on human-level trust surely cannot provide digital trust, especially between (for example) countries that have no diplomatic ties. See, for example, the classic point/counterpoint:
Ten Risks of PKI: What You’re Not Being Told
For these kinds of reasons and what has become a certain amount of institutional prejudice in the security community, PKI typically takes more constrained forms: SSH host and user keys; SSL server certificates signed by a slew of vendors pre-installed in major browsers, etc.
The experience of Dartmouth and its partners in academia and government provides a model for extending PKI into the real world across organizational boundaries.
