[OpenID] Japan Report 2008-12-13
Peter Williams
pwilliams at rapattoni.com
Sat Dec 13 11:15:36 PST 2008
Shade:
The US Postal Service came pretty close to running the one and only US national CA (and a network of authorities capable of performing realtime validation and entitlement/rights issuance).
The IPU (International Postal Union) did a lot of work on cross-recognition (under international law) - a set of governance rules that Liberty's recent effort may want to learn from. I remember doing a literally round-the-world flight going to MalaysiaPost, HongKongPost, AusPost who were cooperating (without JapanPost) to build an AsiaPac alliance. Later I recall going to the "Telecomms Authority" of India, in New Delhi (who would have played the equivalent role).
Don't laugh. The powers of a US postal inspector are stronger than an IRS federal agent, and lots of folk fall foul of mail fraud as soon as they start gaming the system. For a while the guy who picked up my trash acted like James Bond; it was a special (trash) pickup no one was supposed to know about.
It was my (menial) job to package up the initial open source X.509 CA software for USPS (before NSA and mainstream defense contractors took over) - and Oracle analysts wrote up the schema and queries to execute the X.500/LDAP directory information model (a hierarchical naming/search model, recall) in terms of the relational schema, and link it to the USPS ZIP+4 database of every mailbox. It was engineered to scale big (obviously, for a G7 economy) - and was expected to be a part of the Al Gore national infrastructure, used by IRS and SocialSecurity agency.
Didn't happen, such is the power of patents. USPS/NSA and VISA both opted out of the space...and sensibly took the offer: make the 6-person startup known as VeriSign their proxy, instead.
Before he joined, one of VeriSign's original VPs did the contracted legal analysis of the legal authorities the Federal government needed (or should assign itself) to have USPS run the national CA!
Now that's a piece of history, I have not recalled for a while! As I recall, Mark Wahl got a piece of that action, too, while at NASA.
-----Original Message-----
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On Behalf Of SitG Admin
Sent: Saturday, December 13, 2008 10:16 AM
To: Nat Sakimura
Cc: general at openid.net
Subject: Re: [OpenID] Japan Report 2008-12-13
>As to the US$1 voting is concerned, that is potentially interesting,
"Hey, did ya hear about the OpenID Foundation?"
"No, what is it?"
"I have no idea, but if you pay them one dollar, you get a vote."
"Sounds like a scam to me. I can ALREADY vote."
"But this is for THEIR elections, the Board of Directors."
"So it's a popularity contest. Anyone could win. Who cares?"
"Anyone who wants to be famous, I guess."
"But surely they filter applicants? You'd have to be qualified."
"Not at all, you just find a few friends to nominate you."
>How do we make it insulated from gaming, how do we make it sure that
>it is a free will vote, etc. are very difficult issues that need to
>be dealt with carefully.
If all voters live in the United States, the Postal Service seems
most trustworthy (i.e., least vulnerable to compromise). IDP's with
millions of users can cast millions of votes - again, this is
trivial! I'll bet even *I* could write some code to intercept all
OIDF communications and conceal them from the user, who continues
using "their" OpenID oblivious to all this. Membership could be a
problem (since it reveals physical address, and often phone number,
enabling the Foundation to contact them directly (not through IDP
middleman) to confirm membership/vote, and it'd be trickier to find
several million complicit pawns), and we certainly should NEVER allow
IDP's to act as registration portals for their users in this way -
mass registration ahead, many quite possibly being fake!
I think a *combination* of OpenID and mail, security-theory wise,
looks good - the Postal Service is a channel IDP's can't (easily)
touch (especially not if they try to cover courier services such as
FedEx or UPS), and no one in the delivery services can trivially
compromise the OpenID's of users 'en masse'. Using physical addresses
is a good way to have confidence that you are dealing with only one
person per voter - the U.S. government uses this for *its* voting
system, so it's a decent starting point with plenty of room for
improvement. Challenges through non-OpenID channels, I think - it's
too easy to fake return addresses or caller ID to safely issue
challenges through OpenID and then expect that whatever non-OpenID
response comes that appears to be the user, really is!
-Shade