01-08-2011 08:37:44 PM
I'll make no comment. This is FYI
A Veteran – whether active duty, retired, national guard or reserve – is someone who, at a one point in his/her life, wrote a blank check made payable to ‘The United States of America’, for an amount of “up to and including his/her life.” ...Author Unknown
01-08-2011 08:56:49 PM
Terrible article because it explains neither the thought process nor how the system is envisioned. Rest assured, the actual proposal here is nothing like it sounds at all.
I'm not going to bother to explain it because it's a futile exercise. No matter what I say, it will still be viewed as a "big brother" proposal and it'll get all political because it always does, and we'll be all into "Obama this" and "socialism that".
The whole project is doomed anyway no matter what benefits it might bring because no one will ever understand it.
01-09-2011 07:16:34 AM
As is typical with today's journalism, the distortions are greatest at the top of a story (beginning with the headline), with clarity gradually increasing as you go deeper into the story. Since so many folks read just the headline and the grabber, they come away with a completely distorted view of the facts.
In this CNET story, the facts begin to slowly come clear as you read futher down; but they appear to contradict the headline and the grabber, resulting in confusion rather than clarity. Shameful journalism.
The fact is, trusted identity is already in force in some government agencies for security reasons. Private users are demanding something similar for commercial transactions. The $64 question is how it can be implemented.
01-09-2011 07:43:32 AM
You're exactly right, erazoner. Trusted authentication/identity is needed for transactions.
The cool part is that the technology for it already exists using PKI certificates. Web sites already have this -- the SSL certificate ensures both the identity of the remote site as well as encrypts the traffic.
What we now need is mutual PKI certificates -- where the customer can (optionally) also use a PKI certificate to identify himself to the web site. Imagine getting a digital certificate from GoDaddy that 100% identifies me. Now I go to my bank and I tell my bank's web site that it will not accept any transactions dealing with my account unless my certificate is presented. Now, my bank account is doubly secure. A phishing site can't impersonate my bank because they won't have the bank's certificate. And no identity thief can post a transaction to my account because he doesn't have my certificate.
01-10-2011 06:42:59 AM
Personal certificates from a trusted authority are actually pretty cheap. What we need is for industry to allow for their usage in these contexts.