Problem statement:  validity of secure transactions ...on a Public Network.

                    validity of https ...Certificate servers
                                      ...Server certificates
                                      ...client certificates various certificates embeddable in a web browser.
                                      ...key-lengths or cipher strengths
                                      ...PGP (Pronounced PG-pee)  

                    breach of certificate security ...and data encrptions
                    communications ...translating into reliability of the
                    medium.

                    Understand the process of certificate vending.

                    Understand ....as published on the document
                    opportunity_innovative_digital_signature_Certificate_Server_Authority_chain.txt
                    on this url or uri.
                    

Opportunity and Objective:  Presuming communication or transactions on the medium 
                            is usually with an entity.


                            Does current technology ...guarantee the above entity.


                           a) fortify WHOIS ...and use it to guarantee reliability of
                              transactions (E-commerce) on the medium

                              ...understand domain procument procedures

                                 is it the same entity as being envisioned or information
                                 provided while registering .... scope for validation

                                 ...cross-check credit-card based purchases with entity and
                                    legitimacy of the entity.


                          b) Understand persistant forms (sgml or postscript or XML) ....Adobe , patent filing from USPTO.gov,
                                                                                  or XML template generation by WIPO,
                                                                                  or Cerificate generation procedures.


                             why cannot a client (nature and type of certificates) be able to generated by him-self.

                             understand ...http/microsoft digest mode of authentications ...viz. essentialy a encryption
                             and  decryption procedures.
  
                              ....scope of embedded a certificate generation ...as component or plugin software of the 
                              web-browser.


                              using this mode of generating a certificate  ...who is-in control ....translating into
                              relability of the software!!  ...while ideally speaking ...expect the webhost or and the
                              owner ...nobody else is should ideally able to the encryption keys and ...given that
                              decryption keys would be temporary ...keys ...valid only for a specific period

                              ....refer to as published in projects.pdf ...for such algorithms or means


                         c) use whois or DNS registrations ...to be procured as embeddedable server certificates
                            guaranteeing the web entity


Opportunity : Defining ...understanding ...dependency ...weigh/trade offs ...between reliability ...quantum of authenticity 
              and quality.


              https ...requires ...certificates to be embedded into browser's ...but given the fact that any encryption
              ...done is delivered by a 3rd party certificate vendor ?? ....the whole communication is suseptible for
              prying eyes ...both political, economic or other clout ...taking into account a good case in example
              microsoft and sub-class of companies ...technologies....certificate vending companies.

       
              encryption ....decryption ...as in vogue PGP....drawback being ...the public-key used for encryption,
              private key for decryption ....while offering some ...security ...a compromise on DNS can trick any
              one directed to a repository or a key ...that results in using a false key ...that is susecptable for
              intended ...hold on the data communicated on the medium ...viz. information fall into the false hands,

              as also any static-key used as part of the public-key ...is susecptable for easy decryption of the data,
              ...a encryption algorithm ...encoded into such a public-key ...alone can ...solve this kind of information
              susecptability.

              read through the document opportunity_innovative_data_encryption_algorithm.txt ...also delivery of the
              encryption key ...on a different medium or communication channel ...ideally on a physical delivery to
              the end user ...offer reliable means,

     eg:      say exchange of such information at gathering ...business ...meet would be more reliable than using
              a courier/postal other formal acceptable protocol's of communication....this individual can vouch for
              the reliability , consequence's ...given the said ability to propigate ..survival ...fellow citizens
              of india.
 
              

                          

               
                                
 Note: The above problem statement having been encountered in various scenarios
      and detailed in various 'Proof of concepts' as mentioned in 
      
       http://uk.geocities.com/ravivenkatus/projects.pdf
       http://ravishankarkv.tripod.com/projects.pdf
        ....apply appropriate
      'use-case' modeling, rationalize and arrive at a workable and feasible 
       solution both commercially and techinically viable.


   
   