[PLUG] Universal Personal Code

Ben Koenig techkoenig at gmail.com
Thu Jul 16 01:45:35 UTC 2020


The idea of a Universal Personal Code that gives normal users access to
identity verification is a very good idea.  But like most good ideas it
needs a forcing function to justify the change in behavior.


BEHOLD! Our Forcing Function has arrived!

https://www.reuters.com/article/us-twitter-cyber/twitter-silences-some-verified-accounts-after-wave-of-hacks-idUSKCN24G32Q


>From the ashes of Twitter a stronger internet shall arise :)

-Ben


On 5/5/20 9:19 PM, Tomas Kuchta wrote:

This is EU wide since at least 2014/2015. I remember getting it issued by
the post office a long time ago, probably around 2010 or sooner.
https://ec.europa.eu/digital-single-market/en/trust-services-and-eid

It allows notary quality document, encryption, transmittal, signing and
personal authentication. Good enough for courts, banks, property
transactions, police, almost any legal secure and verifiable
government/citizen/business communication.

It also comes with electronic post box, AKA funny looking encrypted webmail.

Tomas

On Tue, May 5, 2020, 10:42 John Sechrest <sechrest at gmail.com>
<sechrest at gmail.com> wrote:


I think that a true digital identity is one of the enabling technologies
that will transform much of our lives.

The Estonian E-residency provides a path to having a validated digital
identity.

having community based ID systems struggle with a model to keep them
financially viable.
So having some mechanism where the ID process is secure and unique is
important.

It sounds like you have a tool that might be helpful for that.

Have you explored Estonian E-residency?

Singapore and India and the UN are starting to apply that model. And
Estonia has been pushing the idea across Europe.

I would love to have my Drivers license be the foundation for a digital
id.

If you like, I can introduce you to someone who help build the X-Road that
is one of the back end technologies to support the Estonian Digital
Government.

I now believe that internet based conversations (like Youtube comments,
Twitter or faceboo) should be backed by a verified digital ID, so that when
the trolls start trolling, they get blocked permanently.  Anonymous posting
is a substrate for troll infection.

So meaningful hardware to support a real Digital ID is important.

Let me know if you want to do this talk as a Youtube/zoom talk.



On Mon, May 4, 2020 at 9:04 PM Keith Lofstrom <keithl at kl-ic.com>
<keithl at kl-ic.com> wrote:


Would it be possible to create a universal personal code? I mean not
part of a corporation like Google, or a nation, like the USA. It would
have to be run by a totally independent organization, one that everyone
trusts implicitly.

Years ago, I had a business account at Pacific Continental
Bank (now merged with Columbia Bank).  I visited the
Beaverton branch perhaps two or three times a year.
At least two employees would greet me with my first
name when I walked in.

There are people with the skill of recognizing tens of
thousands of individuals on sight.  Combine that skill
with vetting and training, and you have the core of an
"identification company", whose mission is to verify
your identity, and authenticate you to others.

It would be too easy to hack online without the F2F
component, but this could be a two step process, where
the people at the service identify you, then implant a
chip that can (indirectly) identify you by private-key-
signing a transaction.  I'd combine that with another
device that visually or sonically indicates that your
imbedded chip is being accessed.  Of course, the chip
signature and associated online information should be
changed frequently; the chip might contain hundreds of
digital keys, externally changeable with yet another
digital programming key.

For ordinary commercial and personal tasks, this would
be a "nice to have"; for an emergency room doctor needing
access to patient records Right Now Only, it could be a
literal lifesaver.

In any case, something you are, something you have, and
something you know ... and NOBODY ELSE KNOWS, /not/ the
name of your grade school ... are three good ways to
identify you.  Somebody skilled at knowing YOU would be
a good fourth way, and how we've identified each other
for millenia.

Full disclosure: for decades, I licensed a technology
for large dense arrays of truly random, permanent bits.
With modern silicon processes, tens of megabits of
random bits in an area smaller than the cross section
of a hair.  The bits can be permanently sequestered
from external observation; one of our clients used the
technique to encrypt physical fingerprints in hardware.

Now that the patents have expired, it is open technology,
so perhaps I should present it to a silicon equivalent of
PLUG.  Next year, after we get rid of the plague, double
entendre intentional.

Keith

--
Keith Lofstrom          keithl at keithl.com
_______________________________________________
PLUG mailing listPLUG at pdxlinux.orghttp://lists.pdxlinux.org/mailman/listinfo/plug


--
John Sechrest      .  Need to schedule a meeting
:http://sechrest.youcanbookme.com
                                   .
                                        .
                                                .

                                                          .
     sechrest at gmail.com
                                                                       .
                           @sechrest
<http://www.twitter.com/sechrest> <http://www.twitter.com/sechrest>

         .
        http://www.oomaat.com
               .
_______________________________________________
PLUG mailing listPLUG at pdxlinux.orghttp://lists.pdxlinux.org/mailman/listinfo/plug

_______________________________________________
PLUG mailing listPLUG at pdxlinux.orghttp://lists.pdxlinux.org/mailman/listinfo/plug



More information about the PLUG mailing list