Yes they do. The difference being that if public keys are going to be forged in the circle of trust system, a whole lot of systems have to be compromised. With PKI, you're putting all your eggs in that one basket. And if you lose control of it. That's it. Game over. You're in trouble. And that's always the issue with centralization of anything.

My .02.

t

From: Technomage <technomage.hawke@gmail.com>
To: plug-discuss@lists.plug.phoenix.az.us
Sent: Sat, July 3, 2010 12:09:46 AM
Subject: Re: OT: (or is it?) Interesting take on PKI and security

On 7/1/10 6:36 PM, Mike Schwartz wrote:

Interesting take on PKI and security

http://www.schneier.com/paper-pki-ft.txt

a favorite take-away quote, from it:

"[...] security is very difficult, both to understand and to implement. "

The biggest problem with security is that most (nearly 99%) do not understand it,
the reasons for it or how to implement and use it. Those few that do can largely be counted
as a very small number (less than 1,000) in the entire field and a lot of them spent
years leaning how.

I personally know enough to know I *really* don't know nearly enough (and perhaps just enough to
keep the honest people honest and that's about it).

as for the 2 models presented, each has its own Achilles heal.