Evidently these idiots haven't heard of digital bearer certificates... Cheers, Bob Hettinga --- begin forwarded text X-Sender: rhornbec@counselpop.com Mime-Version: 1.0 Date: Thu, 25 Sep 1997 05:22:13 -0500 Reply-To: Digital Signature discussion <DIGSIG@VM.TEMPLE.EDU> Sender: Digital Signature discussion <DIGSIG@VM.TEMPLE.EDU> From: Rick Hornbeck <rhornbec@COUNSEL.COM> Subject: National ID as Identity Authentication answer for EC? To: DIGSIG@VM.TEMPLE.EDU An interesting article by Thomas P. Vartanian appeared in the September 24 issue of the American Banker discussing the increasing need for identity authentication in electronic commerce and the use of National ID Verification Standards (NIVS) as a possible solution. Although the article avoids proposing specific ultimate sources of identity it does mention that "the adoption of these standards might facilitate the development of a national market for certificate authority errors-and-omissions insurance. It might also facilitate the creation and operation of what one observer has called 'cybernotaries.' Without uniformity in the authentication process, the efficiencies of certificates and the effectiveness of electronic commerce will be undercut." Following is a brief excerpt. Complete article available at: http://www.jya.com/national-id.htm ==================== 24 September 1997 Source: The American Banker --------------------------------------------------------------------------- Comment/ The Case for National ID Verification Standards By Thomas P. Vartanian Fried, Frank, Harris, Shriver & Jacobson Financial fraud depends heavily on perpetrators' ability to hide their identities or assume those of others. Because the Internet is a medium for anonymous communication, it has been and will continue to be a breeding ground for innovation in electronic fraud. Proponents of electronic commerce seek to limit this risk through the use of digital certificates and similar methods of electronic authentication and verification. This raises a complex question for the trusted third parties, many of which may be banks, that certify the issuance and use of public keys in the digital signature arena: What does it mean to certify that a specific public key represents X in a world where the identification of X is an imprecise science? Authentication must be the starting point in any electronic network transaction. Lacking the customary modes of physical identification, the parties to a faceless transaction in cyberspace need proof from a third party that each party is who he or she purports to be. --- end forwarded text ----------------- Robert Hettinga (rah@shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' The e$ Home Page: http://www.shipwright.com/