<div>
<div>*sigh* did you actually read my email? I mentioned a solution in the<br>second paragraph.<br> </div>
<div><quote></div>
<div> </div>
<div>The concept should be authenticate for purpose (e.g. my bank should <br>provide authentication for me to use my account, my doctor should provide <br>authentication for me to get prescription medicines etc).<br></quote>
</div>
<div> </div>
<div>With all due respect, your "solution" was totally surrounded by anecdote and commentary.</div>
<div> </div>
<div>My apologies for not reading the paragraph carefully enough to set off my "solution" trigger.</div>
<div> </div>
<div> </div>
<div><br>The problem is that governments seem to believe an ID card will stop<br>terrorism, stop fraud, stop illegal immigration, stop underage<br>drinking/smoking/sex, cure aids, make cold fusion work and cause world<br>
peace. They won't do any of the above, in fact, with some (e.g. fraud)<br>they have the potential to make them worse.<br> </div>
<div> </div>
<div> </div>
<div>So, there's several solutions:<br>1. Introduce an ID card, watch lots of commercial companies abuse it;<br>watch lots of government employees abuse it; because the back end will be<br>made to a tight deadline by the cheapest bidder, watch hackers and culture
<br>jammers abuse it; watch the secret services abuse it; watch the whole<br>relationship 'twixt state and citizen change around.<br>2. Don't bother, carry on with the current system, though flawed is<br>working.<br>
3. Use an independently secured, openly verified with key (i.e. public)<br>auditability of design backend to allow the distribution of identification<br>tickets for the required service.<br>4. Move away from the ID culture, only require ID for essential services.
<br><br>To solve it properly you need a combination of 4 and 3. In some cases,<br>e.g. opening a bank account, ID shouldn't be required (the money<br>laundering excuse is a load of bollocks) so we chose 4. In others,
e.g.<br>buying restricted items, a token part of identification is required (hence<br>not all items should be viewed), so we chose 3.<br><br>In simple terms an ID solution needs to be designed according to current<br>and future need, following the principles of privacy (for the citizen) and
<br>security (e.g. least amount of information presented, high auditability,<br>open design) and quality (not to the lowest bidder). This is not what the<br>UK or US governments are doing - they're starting from a position of "we'd
<br>like an ID card and a national database of all our citizens" and then<br>trying to justify it, design it, then look at the requirement.<br> </div>
<div> </div>
<div> </div>
<div> </div>
<div>
<div>OUCH, i had to turn down my "solution" detector.. it just went to 11....</div></div>
<div> </div>
<div>These are the ideas that are very valuable.</div>
<div> </div>
<div>Thanks for taking the time to respond again!</div>
<div> </div>
<div> </div>
<div>Dennis</div>
<div> </div></div>