Lockstep

[Skip Navigation]
  • Home
  • About Us
  • News
  • Services
  • Partners
  • Library
  • Contact Us
  • Babysteps
  • PKI
  • Privacy
  • Smartcards
  • eHealth
  • Identity & Authentication
  • Lockstep Technologies
  • Clients & Case Studies
  • Government submissions
  • Online Banking Review
  • Conference presentations
  • Selected Media Interviews
  • Return on Investment
  • Quotes
  • Links
  • Science generally
  • Downloads

Quotes

These are short quotes from some of Stephen's speeches and articles.

Privacy and the young

"It's said that Generation Y don't care about their privacy. I don't actually believe that's true but even it was, so what? We don't let 18 year old males set road safety policy, and I don't think we should let them guide privacy policy either."

From Stephen's presentation on the Technology Panel at the inaugural iappANZ Privacy Conference, Sydney, 27 August 2008.

Trust and identity

"Note that [the APEC definition of 'authentication'] does not have identity as an essential element, let alone the complex notion of 'trust'. Identity and trust all too frequently complicate discussions around authentication. Of course, personal identity is important in many cases, but it should not be enshrined in the definition of authentication. Rather, the fundamental issue is one's capacity to act in the transaction at hand. Depending on the application, this may have more to do with credentials, qualifications, memberships and account status, than identity per se, especially in business transactions".

From "Making Sense of your Authentication Options in E-Business" in the Journal of the Cryptographic Centre of Excellence, PricewaterhouseCoopers, 2001.

Digital credentials

"To date we have tended to think of digital certificates as being like electronic passports. ... But this is unfortunate because it is more accurate and far more powerful to think of certificates as electronic credentials, specific to the CA's community of interest.

"In the real world, we don't characterise credentials according to personal identity levels. Rather, we allow different communities or bodies to set their own rules for admission. The legitimacy of those rules [is] the same thing as the authority to issue credentials to, say, lawyers and doctors ..."

From "Privacy positive aspects of public key infrastructures", in Privacy Law and Policy Reporter, 1999.

"[A] law society and a medical registration board might both establish CAs in order to issue digital certificates to their members. If the processes for issuing those certificates are integrated with present registration practices, then the certificates could represent electronic credentials. Thus, an electronic prescription digitally signed by a doctor could be trusted by a pharmacist, if the doctor's certificate came from the recognised registration board. And likewise a title search digitally signed by a lawyer could be trusted by a home buyer, if the lawyer's certificate came from a recognised law society. The relying parties in these respective transactions may care little for the actual identities of the signatories; rather, the relying parties need to trust their credentials."

"Current issues in the rollout of a National Authentication Framework", Information Industry Outlook Conference 1998.

© 2008 Lockstep Consulting ABN 59 593 754 482
11 Minnesota Avenue Five Dock NSW 2046
Mobile: +61 (0) 414 488 851 Email Us
Terms and Conditions