Ten Risks of PKI

This is an old article but it is a good article co-authored by Bruce Schneier. For those that don't know Bruce he is a well respected and acclaimed cryptographer. As Bruce says in the first few paragraphs about the sales guys who sell PKI:

“If you only buy X,” the sales pitch goes, “then you will be secure.”
But reality is never that simple, and that is especially true with PKI.

Many times we have customers who are considering going with certificates or smart cards rather than one-time passwords (OTP) as their means of two-factor authentication. Bruce does a great job of throwing light on some of the PKI/smart card "myths". Especially true is that for any security system there are people involved:

Security is a chain; it’s only as strong as the weakest link. The security of any CA-based system is based on many links and they’re not all cryptographic. People are involved.

So if you are interested in strong authentication take a look at this article. It's worth your time.

Technorati Tags:
security, two-factor authentication, QSFT, Quest Software, PKI