Policy in Public Key Infrastructures, or How Values End Up in the Code

Brian A. LaMacchia


Whatever societal and ethical values we wish to include in a computer system must eventually make their way into the software itself and become part of the system's code. Although authors of computer systems actively attempt to make their products ``extensible'' and value-neutral, in fact every software design decision made as part of the process of building a system is a reflection of a value system. Application programming interfaces (APIs) and service provider models, used generally to build flexibility and customizability into software, also allow applications to override the biases built into the code and thus construct alternative value systems. Even when a system is explicitly designed to be value- or policy-neutral, such as the current proposal before the IETF for an X.509-based public key infrastructure, the extensibility of the infrastructure exists as a result of the underlying value systems of its creators. Ultimately, software developers must acknowledge that it is not possible to create a value-neutral system simply by adding extensibility to a biased system.

Full Text


Brian A. LaMacchia
This page last updated: 18 Aug 2008