Steffo's Echolot

Wanted: Identity Provider

Whenever it comes to a comparison between paper passport and an electronic passport it turns out that it is not so much a question of what data is stored on the new electronic passport, but how it is managed. There are a view companies that are able to manage a large amount of data, so that the availability of the data (e.g. for OCSP checks) can be guaranteed. But what about aspects of security?

I prefer the state would handle my electronic ID (X.509 certificated, being identity provider etc). Unfortunately, I don't see any activities in that direction. If the state is waiting for industry partners to take the challenge, why are they keeping my normal paper based password records? Why don't we get X.509 certificated, when we get a new ID card? Is there someone taking electronic communication serious?

The government cannot be responsible for everything, I hear officials say. Very difficult to tell where they should start and where they should stop. Here are a few points:

• It makes sense that the institution issuing passports at least governs all kind of passports (whether they are on paper or on silicon)
• If you have an electronic ID card, it should contain your private key. German authorities are actually talking quite a while about electronic passports which also have some memory left for electronic signature, but I am not sure when we will get it. Also I suspect that the electronic signature part will take substantially longer. Further, taking into account that they - German government that is - still are unable to prohibit smoking in restaurants, I am looking forward to the excuses that will come up with electronic passports.
• Politicians insist that they can only provide an economical framework rather than actively controling economics. I fully agree and may I add that knowing who you're dealing with in (electronic) communication/business is definitely part of the framework.

Steffo, everything is on the way. It'll take only a couple years until everything is rolled out because it's so complex.

I see, I reply, and I know it's complex; but: we all know this since mid 90s and if it works in the military area why does it not work in the civil area? It doesn't work in the military area you say? Now, that's frightning.

Posted at 04:06AM Feb 28, 2007 by steffo in Identity Systems  |  Comments[0]