LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

LWN.net Weekly Edition for June 6, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Trusted internet identity

Trusted internet identity

Posted Jan 13, 2011 7:36 UTC (Thu) by Cyberax (✭ supporter ✭, #52523)
Parent article: Trusted internet identity

Here in Ukraine we already have something like this.

There are licensed certificate centers which can issue certificates. Documents signed with them will be legally binding, with digital signature equal to personal signature (by law). For example, I use this to sign my tax returns. No special hardware is needed, though of course it's supported.

Of course, this can have privacy implications. However, it beats the hell of the stupid braindead SSN + birthday authentication scheme which is used in the USA now.

(Log in to post comments)

Trusted internet identity

Posted Jan 13, 2011 13:09 UTC (Thu) by ortalo (subscriber, #4654) [Link]

Yep that's enough for some applications. Especially for tax returns declarations. (We have the same kind of scheme - albeit with centralized certificate delivery - in France and it is pretty successfull too.) But well, that's enough trust because declarations are declarative after all.
Do you have enough trust in such a certificate to use it to provide "write" access to your bank account, to provide read access to a personal medical record, to unlock your home? (Maybe btw, I am not trying to diminish the interest of such things - just trying to challenge them a little.)
First of all, from my point of view, I would like to have several different keys for these different things, not just a single one. And I'd like to be able to generate myself some of these keys and share them in different ways. Today, that's not so easy to achieve all these objectives easily.

But sure, for some applications, we have readily usable tools much better than SSN+birthday.

Trusted internet identity

Posted Jan 13, 2011 14:48 UTC (Thu) by Cyberax (✭ supporter ✭, #52523) [Link]

It's certainly possible to have multiple keys for a person (I have several). Of course, they are all linked to me by my tax ID number.

And yes, I actually use one of them (on a USB hardware token) to work with my bank account. In theory, just one key can be enough, if it's securely locked into hardware device with good security.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds