In a message dated 11/1/01 11:09:21 AM, [EMAIL PROTECTED] writes:
<< It appears that a lot of work has to be done and a lot of money spent before even a small amount of trust in an individual's proof of identity (on a world- or Internet-wide scale) can be established. >> Not really. The problem that we fact today is that the identity information cat is out of the bag. Anyone can accurately assume anyone else's identity. The use of best match logic, out of wallet information, etc., all work if everyone is willing to follow the rules. However, the fact that identity fraud is growing at near 100% rates in the face of these approaches belies the efficacy of those strategies. All any of the authentication technologies can do is confirm that this is probably the same user it was last time. Authentication technologies are agnostic as to any particular identity. All assume the underlying principle that one identity equals one person. This assumption is not only not true, it is dangerous. We are all aware of insta nces in which one person was using many identities and we are equally aware of instances in which many individuals are using one identity. In both of these instances authentication fails, unless the correct single identity is associated with the authentication methodology at the outset. There is no barrier from me attaching my finger image to Bill Gates' identity. John Ellingson CEO Edentification, Inc. 608.833.6261 ||||# |||||| |||||| --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]