What is QEI?

The Quiet Enjoyment Infrastructure is a set of methods, procedures and standards that provides a full solution to the Internet's security and privacy problems. QEI turns a proven set of construction materials called PKI into workable, secure online facilities called "buildings."

Let's take a tour, Click on the symbols of each of the Instigations, the twelve components of QEI, to learn about it, or click at the bottom for a slide show that will take you through the tour.

QEI logo (private key component)
If a public key infrastructure requires both public and private keys, shouldn't it be part of something that includes a private key infrastructure? Cryptographic keys must be both secure and accessible.

QEI's Private Key Infrastructure specifies how both goals are to be met in real world conditions.

QEI logo (public authority component) The certification authority is the core of a public key infrastructure. That raises the question, "Where do we find legitimate authority?" Putting an "Authority" label on a piece of server equipment certainly does not bestow upon it the right to certify.

QEI's Public Authority Infrastructure puts duly constituted public authority behind the term "certification authority."

QEI logo (enrollment component)And what is to be certified? If the purpose of a PKI is to bring authenticity to a domain, whether an organization or the whole world, then accountability begins with the the individuals in that domain. The foundational certificate must be an individual identity certificate, established using reliable and meaningful methods and procedures.

QEI's Enrollment Infrastructure produces a digital identity certificate using measurable and reportable quality standards such that relying parties know just what they are relying upon.

QEI logo (Identity component) Once an individual has been enrolled and has been given a identity certificate, how can that be used as the foundation of actual identity credentials to be used in day-to-day life? Different situations call for different credential characteristics. There are times when pseudonymity and anonymity are not only acceptable but desirable. An accountability scheme must accommodate a wide range of credential choices.

QEI's Distinguished Names Infrastructure allows users to choose and control the credential(s) that identify them, while allowing relying parties to make their accountability expectations and requirements easily known.


QEI logo (privacy component) PRIVACY. Privacy must be the first consideration of any PKI whose fundamental certificate is an individual identity certificate. Without a well-thought-out design, a universal identity system can facilitate Big Brother scenarios where your every move is as observable as... well, as observable as it is today, with wanton table joins allowing companies and governments to not only observe you but to manipulate your perceptions like a skilled stage magician.

QEI's Personal Information Ownership Infrastructure actually accomplishes what so many privacy activists have advocated. PIOI puts you in charge of the use of information about yourself.


QEI logo (LEI component) Now we come the unpleasant fact that there are users who can legitimately be considered criminal suspects. Who among us would want to prevent law enforcement from enforcing a court order to monitor the private communications of a gang of identity thieves or terrorists?

QEI's optional Law Enforcement Infrastructure provides a means to enforce such court orders, according to the laws of the jurisdictions involved, while also providing a means for the user community to be aware of possible abuses by law enforcement (without of course alerting the subjects of investigations.)


QEI logo (building codes component) The point of a PKI should be to create a bounded space where authenticity prevails. In other words, the point of a PKI should be to create an indoor space apart from the outdoor public transport facility aptly characterized as the information highway. In the physical world people use highways mostly to transport themselves from building to building. Why should the online world be any different?

The Building Codes Infrastructure is one of the QEI components that transform that pile of excellent construction materials known as PKI into usable buildings.


QEI logo (indoor os component) Web 2.0 has done a remarkable job of letting us gain benefits of habitable spaces while standing outdoors, looking into those spaces through very nice windows. But hey, wouldn't it make more sense to open the door and go inside?

QEI's Indoor Operating System lets you use all your familar applications - and also lets you, your family and your colleagues come in from the cold, cruel, malware-infested rest area alongside the information highway.

QEI logo (re professional component) Part of what makes a building reliable is the fact that the architects and contractors and subcontractors and building inspectors are all professionally licensed. That means that they have passed tests on their respective skills. More significantly, they all know that if they fail to apply those skills assiduously in every project, they can lose their license and thus their livelihood.

The Occupancy Permit for the room you occupy comes from QEI's Real Estate Professional Infrastructure, assuring you than every line of code used to build the room, the building, and the entire complex has been examined by a professional who stands to lose his or her license if it turns out that he or she missed a back door, a keylogger, a botnet builder, or an attempt to install a rootkit. It also means that the architects and contractors are happy enough with the owners of the building to sign off on the issuance of the occupancy permit. (if invoice=paid then issue_permit; else close_door).

QEI logo (media industry component) Some buildings stand by themselves alongside the highway, while others are found in communities, where their occupants have the benefit of a social infrastructure as well as shared costs of physical infrastructure.

As consumers we're all used to having those who want our attention pick up the tab for our news, weather, sports, entertainment. As members of professional or avocational communities we're accustomed to having advertisers pay for our targeted magazines.  Why shouldn't we offer media the opportunity to pay part or all of our ISP bill? QEI's Media Industry Infrastructure lets those who own channels of communication into communities of interest broker positions in that community to their advertisers, exactly as they do with their trade shows.


QEI logo (public roadways component) Even though they don't require the same protections as indoor spaces, highways do need to be managed by authorities with reliable identity credentials.

QEI's Public Roadways Infrastructure assures us that those who touch the root servers of the DNS system and the key components of the domain registration system are all carrying identity credentials and professional credentials; and that the strength of the identity credentials is a matter of published public policy.

QEI logo (usable vocab component) Currently, conversations about information security use a vocabulary that's all about pieces of technology that filter packets and implement policies. In other words we talk about building materials instead of buildings.

The Usable Vocabulary Infrastructure component of QEI directs the conversation to considerations of architecture, building codes, contracting, and related issues of professional certification and occupancy permits. The good old language of construction materials: CA servers, TCP/IP, latency, bandwidth, clustering, etc. is left untouched for those times when construction materials are genuinely the subject of conversation rather than a distraction from the focus on buildings.