From: Eugene Leitl (eugene@liposome.genebee.msu.su)
Date: Fri Jul 03 1998 - 10:29:51 MDT
VirgilT7@aol.com writes:
> Hmmm... all right, I actually somewhat disagree. I think that identification
> should be compulsory when engaging in certain functions at which security is
> extremely important. And I think that the ability to present some proof of
I disagree. You should be excluded from participating in interactions
requiring such IDs, but you should not wind up in jail (or worse) for
not agreeing on having it. In extreme cases the difference can be
subtle, I admit.
> who you are to government agencies AND to private agencies who are not
> familiar with you is extremely important. So I think that everyone ought to
Authentication is a means of providing a tamperproof cookie for the other
party for it to check against your past dealing with that particular
party (which might be part of cookie or stored externally). When
dealing with different parties, you can (should) use different
_volatile_ (visibility scope limited to current transaction) IDs.
If you fail to prove your identity, the transaction is voided. E.g.,
if you fail to prove that your baggage checking history is
Semtex-clean, the airline will bar your from boarding the vehicle.
> at least be issued an ID. I don't however think that you should be required
> to carry it when, say, taking a stroll around the neighborhood.
Xactly. You _will_ wind up in jail for a day if failing to produce
appropriate credentials in Moscow, Russia. (I don't carry my passport,
and so far I've been lucky).
> Andrew
'gene
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 14:49:16 MST