Bob has been given two keys…

“What is a Digital Signature?” is a fun little introduction to digital signatures by David Youd.

Unfortunately the system is generally hard to understand, which I think is the reason it hasn’t caught on more widely (who wouldn’t encrypt the occasional email if they could?). Since I’m on a mental model kick lately, I can’t help but point out that the metaphor of a key breaks down pretty quickly. I like that a key can both lock and unlock information. But one can use a key to “sign” a document? We’re used to keys moving locks into multiple positions (as with a car ignition), so this might have been better as “use the key to make a document read-only, or to encrypt it…” or something similar.

And replacing the “certificate authority” is a no-brainer: she’s the locksmith.

I point this out because the situation is only getting worse. After PayPal recently limited transfer amounts on personal accounts, I signed up for Yahoo’s PayDirect. After using my regular ID and password to sign in, it asks for a “Yahoo! Security Key” and offers a text box. What should I type here? Was I supposed to generate a key before arriving here? This is actually not a key at all, at least not in the PKI sense. It’s just a secondary password. So this is just a labeling problem, but one that makes the difference between understanding how the system operates, and not.

Update: I was considering doing something about this, approaching the PKI folks to consider how design strategy could revolutionize this market, but this article by Jay Heiser points out that the personal encryption market isn’t demanding a product, whether we think they need one or not. Still, I wonder what will happen when someone makes it so easy that a great product will create a demand, that people will start to protect their messages because they realize they can. Or, it might be a matter of free-agent nation — freelancers who work with large companies — having to adopt it to do business with the enterprise customers whose IT departments have done the hard work of setting it up.