[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: Re: [pki-tc] US e-government ID-challenge
David,
I think you answered another question, how to carry
your citizen-ID.
Due to [censored lines concerning banks, card
manufacturers and software makers] practically everybody have shelved their
smart card-based PKI ID-programs. But PKI is still alive and well although
only in the form of "soft" certificates. In Scandinavia millions
of on-line bank-customers use such.
But the question was really how e-governments are
supposed to work in the absence of naming-systems aligned to on-line
activity. The Swedish system is based on a unique static citizen code
which is used as a universal "key" in authorities' information systems. To
introduce such schemes in countries like the US, seems impossible as peoples'
trust in governments seem relatively limited.
A counter-measure could be that independent
ID-providers like banks, supported naming-schemes like the
following:
- ID-provider (globally unique id)
- Common Name (of subject) - Client number (static locally unique id) Sample ID: "http://www.mybank.com/gid" : "CN=Marion Anderson, serialNumber=0766864" This would work as globally unique pseudo-citizen-codes but without the political problems associated with huge central registries held by government authorities. In case some parties need other information about the subject like social security number, registered address etc, the client (citizen) can using the very same certificate, request their bank (using an on-line service), to create a signed registry file based on other account information. Anders Rundgren
Consultant in PKI and secure e-business +46 70 - 627 74 37
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC