"Arnold G. Reinhold" wrote:
To the extent we agree here, I would urge you to help insure that this message is crystal clear in all specs and documents whose content you can influence. And don't rely on which dictionary's definition of "protect" is correct.
Arnold, Yes. However, we live now in a post-modern society, where the emphasis is on local discourse and it is accepted that there are many truths and many ways of knowing. The cat is out of the bag and we need IMO to learn to cope with diversity rather than try to iron it out. Of course, there are many dictionaries and many languages and computer technology has not solved this problem -- in the contrary, we have maybe dozens of "computer languages" being born every year and a handful of them actually being used. So, if we look to the real world, what do we see? Do we see a uniform law rule, a uniform government and a uniform language? No, we see multiple relationships, multiple actors, heavy overload, intersubjective contexts. As Tony Bartoletti wrote, apologies for what seems a rant, but the "solid mathematical foundations" underlying digital signatures, "Qualified Certificates", unmistakable IDs, biometrics and so forth create in me a degree of "psychic and social backlash" as well. We create these instruments in the hope of ascertaining better measures of the constancy of authentication and identities. The central question that comes to mind is "to what degree we are artificially creating the constancy we intend these instruments to measure."
Ed Gerck wrote:
OTOH, some lawyers and lawmakers are oftentimes the first ones to use the term "identifty theft" -- which simply is not a theft, it is impersonation. I hope we in crypto don't have to use "identity theft" as well. And, they can continue to use it.
The problem goes beyond simple impersonation in that the victims subsequently find it difficult to convince large institutions that they are who they say they are. My understanding is that the term comes from victims' statements that they felt as if their identities had been stolen. See http://www.consumer.gov/idtheft/. The question is relevant here, not as just another parallel question of semantics, but because exactly how the legal system treats "non-repudiation" can make the identity theft problem much better or much worse.
No. The fact that people like to talk in dumbed down soundbites like "identity theft", instead of using well-established words like "impersonation", does not mean that any legally relevant conclusions can be drawn from the misuse of technical terms like "theft" in the soundbite. Otherwise, we seem to agree. Cheers, Ed Gerck