On Sat, 4 Nov 1995, Timothy C. May wrote:
Pop Quiz: If you are a citizen of the U.S., prove it. ... As has been said several times recently, for the purposes of law, non-U.S. citizens who reside in the U.S are effectively "U.S. persons." Subject to U.S. law and generally having the same legal rights. (Can't vote. Can be drafted. Must pay taxes. Must have a SSN. Must obey traffic laws. Must not discriminate against the differently clued, etc.)
All true.
Consider this: most people in the U.S. do not have a "credential" that shows them to be U.S. citizens. (Hint: most people in the U.S. do not have passports.) They have driver's licenses, which say nothing about citizenship (at least California and Virgina licenses do not). Social Security cards are the same.
(Second hint: most people are hard-pressed to locate a birth certificate for themselves. Many people take the easy way out and simply buy a new one for the $25 a good one costs.)
Therefore, there are few ways that citizenship can be "checked." Period. A foreigner who wishes to "prove" his non-U.S. status could, of course, show his green card. But this is different from proving citizenship.
A green card, by itself, also fails to prove legal status. Proving legal residency requires a combination of two documents, one each from specified lists. Most commonly a driver's license, green card (which is actually pink), or birth certificate from list A, and a social security card from list B. Chris Hibbert's SSN FAQ talks a little bit about how this works, and why it's a Good Thing. Basically, for privacy and security reasons, it is a very good idea to separate the issues of identity and authorization. I don't care how securely you can authenticate who I am -- by PGP, retinal scan, whatever. I do not want a single digitizable token to be the key to my identity. Even if that identity cannot be forged (and everything can be forged), it can be used to track me, by the government, by the Direct Marketing Association, by the private investigators of certain wacky cults, and by TRW. And I suppose by those secret government types at SAIC who, we are told, control the Internet now :-) It is a little inconvenient, but this is why it's a Good Thing that you need a separate driver's license, social security card, credit card, phone number, PGP key, password, thumbprint, and retina. I would oppose moves to combine them to a single unified "mark of the beast," as it were. I am a little uneasy about the otherwise very cool First Bank of the Internet for this reason. If you use FBOI, I'd recommend using a PGP key separate from your usual PGP key. Crypto fans need to recognize that the ability to securely prove your identity is not an unmitigated advance. Of course, all the crypto fans here are also pseudonym fans.
As to the point about students impersonating faculty, if the faculty starts signing their messages (doubtful), then no one can impersonate _them_. (Except that it sounds like all this PGP stuff is to happen on campus computers, in which case there are several ways their private keys and passphrases can be snarfed.) The issue of a "credential" for faculty members, something that says "This person is a member of the Foo U. faculty," well, this is a different kettle of fish; such credentials are not part of the PGP system, though webs of trust could in principle be used in a klugey kind of way.
This is a job for private key cryptography, like kerberos. -rich