[ale] #OT? Thoughts on encrypted token for ID connected to state or federal database...
Charles Shapiro
hooterpincher at gmail.com
Sun Apr 21 17:53:52 EDT 2024
Your papers please.
On Sat, Apr 20, 2024, 21:33 Jim Kinney via Ale <ale at ale.org> wrote:
> If biometrics is the only firm of authentication, yes, it's horrible. But
> a signed copy of biometric data validates the person holding the card as
> the person who owns the card. It is as secure as pki certs can be.
>
> On Sat, Apr 20, 2024, 2:56 PM Alex Carver via Ale <ale at ale.org> wrote:
>
>> Biometrics is a terrible form of security because it's not replaceable
>> when compromised.
>>
>> On 2024-04-20 10:46, Jim Kinney via Ale wrote:
>> > CAC card style signed certificates using pin for access to the cards
>> > private certs works well in many situations. If the gov issues ID cards
>> > with fed and state level certs, some people will have their heads
>> explode.
>> > But a single ID card with drivers license that can be used as verifiable
>> > authentication for nearly everything would be an upgrade from where we
>> are
>> > now. If a signed biometric capture was included, it would add a huge
>> level
>> > of "really hard to counterfeit" to the entire thing. So a fingerprint
>> > and/or retina scan plus pin will make the card unique to a person and
>> evil
>> > person can't steal my card and beat the pin out of. They can still
>> > blackmail and I don't have an idea on how to get around that.
>> >
>> > The major downside is the level of effort to make it happen.
>> >
>> > On Sat, Apr 20, 2024 at 10:16 AM William Wylde via Ale <ale at ale.org>
>> wrote:
>> >
>> >> How complex do you guys think creating an encrypted token connected to
>> >> your state or federal ID for age verification purposes would be? It
>> seems
>> >> like it would be trivial, seeing as how they all have verification
>> systems
>> >> in place already, and at least my state collects fingerprints when you
>> get
>> >> an ID or license. I don't think it would be more intrusive than what
>> they
>> >> already have going on- and I think they could take the money to pay
>> for it
>> >> from the domestic spy apparatus.
>> >>
>> >> I doubt it would reveal any more information about your web habits than
>> >> they already collect, but I could be wrong. There's a lot of people on
>> >> this list that are more cognizant about the ins-and-outs of this than
>> I am.
>> >>
>> >> Thoughts?
>> >>
>> >> --
>> >> --
>> >> “Keep away from people who try to belittle your ambitions. Small people
>> >> always do that, but the really great make you feel that you, too, can
>> >> become great.”
>> >>
>> >> ― Mark Twain
>> >> _______________________________________________
>> >> Ale mailing list
>> >> Ale at ale.org
>> >> https://mail.ale.org/mailman/listinfo/ale
>> >> See JOBS, ANNOUNCE and SCHOOLS lists at
>> >> http://mail.ale.org/mailman/listinfo
>> >>
>> >
>> >
>> >
>> > _______________________________________________
>> > Ale mailing list
>> > Ale at ale.org
>> > https://mail.ale.org/mailman/listinfo/ale
>> > See JOBS, ANNOUNCE and SCHOOLS lists at
>> > http://mail.ale.org/mailman/listinfo
>>
>> _______________________________________________
>> Ale mailing list
>> Ale at ale.org
>> https://mail.ale.org/mailman/listinfo/ale
>> See JOBS, ANNOUNCE and SCHOOLS lists at
>> http://mail.ale.org/mailman/listinfo
>>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20240421/5c925c86/attachment.htm>
More information about the Ale
mailing list