What's wrong with PKI?
Today's PKI Business Model is Broken
The business model adopted by the technology providers is to recoup their development costs by charging customers per-user fees for the certificates generated. That's like having paper companies charge extra for the paper that concert tickets are printed on, to reflect the "value" over and above the "cost" of the plain paper. The cost of creating certificates these days is minuscule. A slow (400 MHz) Pentium II can produce millions of keys and their corresponding certificates per week; more if it doesn't have to create the key pairs as well. Take the cost of the computer ($300 or so, today), amortize it across 5 years (not an unreasonable lifetime for a dedicated-purpose machine), which comes to about 16 cents a day, and figure you can produce 1 million certificates per day. That's a per-certificate hardware cost of $0.00000016. But if you ask one of the commercial PKI technology providers to buy their CA, you'll find they charge from $10 to $150 per certificate user. Sure, they bundle a lot of other software with that, but where does that price come from? It has nothing to do with the cost to develop the PKI technology. It has nothing to do with the cost to create your certificates or to deliver software to your users. It has to do with the cost you probably already pay, in administrative overhead, systems administration payroll, and software licensing, for competing "user identity management" solutions: what the industry calls the "Network Operating System". That's the price corporations have been willing to pay companies like Banyan, Novell and Microsoft to provide single sign-on to file and print servers for their PC users. That's bogus. It might be a reasonable price if, in fact, the PKI providers delivered the kind of reduced systems administration and help desk support costs that those NOSes do. It might be reasonable if users got real, productivity-increasing value from using their PKI certificates to identify themselves.

It might be worth the price if customers got the non-repudiation and high-assurance guarantees that the PKI providers allude to in their marketing literature as "possible, someday". But it's a ridiculous price to pay for the ability to send S/MIME messages. And that's why customers haven't been able to document a return-on-investment analysis to justify widespread deployment of PKI. So far.