Slashdot Mirror
An Online ID Registry
Neil Gunton writes "Over the years I have had a few ideas for websites which would allow for free registration and trial, but I always ran up against a brick wall with regard to how to stop people from re-registering as someone else once the trial was up, or registering multiple times for abusive purposes. The question of how to verify online identity has been bugging me for a while now, so eventually I just sat down and wrote a prototype for an Online ID Registry. There's a white paper explaining what it's all about. I am curious to know what the slashdot crowd thinks of all this, whether I am on the right track, and what to do next. Should it be for-profit or non-profit? Is the whole thing pointless and stupid, or a cool idea? I don't really know where to take it next, because I don't really want to be sitting at home verifying people's documentation for free, and I am nervous about the security and legal aspects if I do it for money. I have no clue how to set up a non-profit organization, and my business knowledge is almost non-existent. I am sort of stuck with a working website but nowhere to go with it... that is, if it's even worth going anywhere. Perhaps it was just an interesting exercise... thoughts and ideas welcomed. (Note: The server may get a little slow, since while I have a caching reverse proxy front end, people will inevitably be trying out the registration, which involves key generation and other cpu intensive activities, so I don't really know how well the mod_perl backend will stand up...)"
"I am sort of stuck with a working website but nowhere to go with it."
Not anymore you don't. Problem solved!
-------
"In times of universal deceit, telling the truth becomes a revolutionary act."
-- George Orwell
Well, first and foremost: Get a fire extinguisher handy for the slashdotting you're about to receive. Hmmmm ... I have a
compute-intensive application I'm playing with ... I think I'll talk
about it on slashdot. What's that crashing sound I hear?
As to the premise: I actually think it is a moderately valuable idea, but you are going to find yourself heading into a strong wind of distrust. "Who is this guy that I want to give him information that has extemely high identity-theft value?" - Your first major obstacle is not technological at all, it is going to be image: How do you present your bona-fides. Can you afford a seven figure surety bond?
Finally, the ultimate question, when you decide how to make the business model work: Who wants the product? If you can get pr0n sites to accept your say-so as an adult-verification entity, then you will have people beating down your door to sign up with your service.
How does the Slashdot Effect happen given that no slashdotters ever RTFA?
see microsoft passport. I'm sure there are tons of online user ids, the biggest being passport and yahoo.
I wonder how hard it would be for an independant website to use passport for id?
Anyway, making your system for-profit would be kind of pointless, since there are already much larger commercial offerings. I'm not aware of many non-commercial ones, though. oh well.
autopr0n is like, down and stuff.
The only way to truly verify identity online or offline is to appeal to a trusted authority...which currently people use driver's licenses or SSNs for. If you cannot establish a trusted authority that discrminates people you have never met before, your system is just another exploitable database.
First, does it keep track of where I've used it? If so, then I want this used in my favor by allowing me access to this log to ensure that my identification has not been compromised.
Second, can site A find out that I also use site B?
Third, is there any more information stored than my credentials? (for example credit card #s, SSN etc.) Not only that, but will sites use this as a key for tracking additional information? (perhaps you should consider returning an "identified" or "not identified" response, with no additional information.) (Sites that keep my CC# without giving me a way to delete them piss me off. This means you, Amazon, you and your collection of every expired CC I've ever used there.)
I think thats a pretty good start. That pretty much covers my privacy concerns as well as exploit/misuse concerns.
If I have been able to see further than others, it is because I bought a pair of binoculars.
Doesn't the idea of a central registry defeat the purpose of the internet anyway?
The internet was designed so any number of nodes could go offline and all the other nodes could still talk to each other. This has largely been kept true, even in the application layer, where your stuff would be taking place. I think that requiring a central database for people to use to register for websites would be unwise.
Also, you have any number of privacy concerns here. Do you really want a database of everything that everyone registers for? Do you want it to be possible for your boss to find out that you subscribe to an atheist news letter of he's a hardcore christian?
Help I'm a rock.
Simplicity - the service should be simple and easy to use, so that your average non-geek can use it without having to care about encryption, PKI infrastruction, digital certificates or other arcane knowledge.
Yeah, that infrastruction. A real bitch.
Seriously, though. You seem to be thinking of people mailing notarized passport photocopies!? Yeah right. The vast majority of FRR sites only want to know their advertising demographics and do some geotargeting (also with ads). They don't need to know your SSN or even care. As long as 50% of the people respond truthfully, they're fine.
your system just sounds like a huge pain in the ass. It'll go nowhere.
autopr0n is like, down and stuff.
you really are the owner of this website?
There's nothing Intelligent about Intelligent Design.
No one should trust you. You shouldn't trust anyone. This idea might be valuable in someway, but i believe you are trying to accompish what pgp keys are already doing.
I dont care what you try to come up with, I bet you $100.0 that within 24 hours I can figure out a way to get multiple user id's on it.
Hell meet the right people and you can get multiple Social Security number, drivers licenses, and passports.
ALL identification systems can be subverted and online ones that do not require a large amount of 3rd party and usually highly reliable data backing up your claims to be you is really easy to subvert.
I tried to find a solution like this over 7 years ago for the company I work for. it is impossible to make a foolproof system and I proved it to the board of directors that trying to do this will only piss off the customers and give us nothing but a false sense of security that really does not exist.
Do not look at laser with remaining good eye.
Have you looked at the http://www.cacert.org people? They are basically doing the same thing and issuing digital certificates based on the person and his/her level of authenticity. Since you have to use your drivers license, passport, or something of that sort, its hard to get a second account :-)
Peace
Well, I should think you could write hooks into the free Thawte web of trust system to achieve this goal. Why reinvent the wheel?
http://www.thawte.com/email/index.html
Ads? What ads?
I'll just register with a dummy email address!
Error 404 - Sig Not Found
I don't see one and this doesn't cut it:
Privacy - users will be entering very sensitive, personal data which they do not want passed on to anyone without their permission. People want to maintain full control over their own information, and not be used as pawns in marketing games
Until privacy is addressed with a lock tight policy, like, "We'll never give out your info." I will never become a client.
Nice cut at things, but why on earth should we trust you?
This is not meant as an insult -- it cuts to the heart of the matter. A user is thus relying on you for secure storage of all of his or her personal information, and also relying on you that none of the information will ever leak. This is both leaks to the outside world in general via website spoofs, phishing, and the like, as well as internal leaks where an individual's information is inadvertently revealed beyond what he or she intended (e.g. I only meant to give out my address, not my credit card number).
You would do well to read up on the design documents and white papers from the Liberty Alliance. This is a hard problem to solve and simply using a centralized data store does not address any of the real privacy and security issues inherent in the field of identity verification and personal information management.
--Paul
ahhhh, isn't this what the liberty alliance is all about?
www.projectliberty.org
How are you gonna make sure people don't get another one? "You send in notarized copies of documentation such as passport, birth certificate, drivers license, utility bills etc." Riiiiiight, I got three people in this house that won't be using this thing. Along with plenty of insecure garbages all over town full of utility bills. Even shit like SS# are _VERY_ easy to get. How do you think illegal workers work? With fake SS cards they buy for $50-$100. This is a really useless idea.
Is there anything better than clicking through Microsoft ads on Slashdot?
Also for one of the stated goals - to ensure that people don't register several times - you need some confirmed data. So either a credit card I guess, or something more intrusive. Just doesn't sound good to me at all....
My solution: Everyone gets an implanted RFID grain with a unique 128-bit identifier + a public encryption key with cheap readers everywhere they will ever need to establish identity. And anyone caught faking an identity goes to jail for life to deter such attempts.
It won't happen. The privacy advocates would be up in arms against this before the ink was dry on the proposal. And someone would still manage to beat it -- though probably very few. Someone will manage to make his ID grain rewritiable, or some such nonsense.
Conclusion: I don't feel this problem is solvable through any measures current society will accept, but I'd love to be proven wrong. I look forward to seeing what solutions are proposed.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
You've gotten a lot of responses to "use Passport" and the like. Passport, of course, doesn't uniquely identify you--you can easily get multiple passport accounts.
Instead, use Paypal or similar financial services who have an interest in verifying ID. Yes, many have problems with Paypal eating money, etc. Guess what: Most will probably have a bigger problem sending YOU their personal info & paypal already has a lot of personal info.
Just make users send you the send you the smallest amount possible as pseudo-micropayment. And/or send THEIR paypal account some small amount. That will probably be cheaper than doing verification yourself.
This is frighteningly similar to Microsoft Palladium's "Nexus" component.
Wow, this guy sure has issues. He compares Michael Moore to Hitler. LOL.
You could use CAcert and their certificates as required identification.
Aren't there anymore naked anime casemodded mp3 players out there today?
That's what /. is here for. I suggest you count in minutes, not hours.
The Mothership
why do i want to do this?
what reason do i have to send you photocopies of my personal information?
how do i know YOU are who you say you are, more importantly, why do i care?
what is the point of such a registry, what does this registry have to offer that microsoft passport does NOT have, and why does THAT matter to ME?
People only care about things like this if it provides a direct and measurable increase in "quality of life" (tm) anything less than that and you are going to end up with about 30 people total who are willing to do this (on earth) and not many more.
to sum it up, what is the point?
this is really stupid. Autor states that electronic signig and autentication never really caught on with geeks, but for some reason, he thinks that just about everybody will be thrilled with his implementation. What a great concept ! Have your vital info notarised, scan it,s end it around etc... Yeah! What an imoprovement over PGP etc, where you simply send a few tens of bytes of your public key... Not to mention the smallish issue of the security of that central authorisation point. While the official key registrars have to be secure places, they are not strictly centralised. If AL-Quaeda guys nuke one of them, no big deal for the rest of correspondents. They would just use some other registrar. Besides, those places hold encrypted data, so they can be blown up, but getting intel out of them is not very probable. NEw scheme tries to be PGP Lite, just for cheap/free online services, but I don't see where the Lite part regarding implementation comes in...
I can only see where this is going.
First of all, if you're really worried about people abusing a trial service, maybe you could track things via IP, or, even subnet masks. If your application is specific enough (or just geared to one industry in general), try doing the "Thanks for requesting information, we're going to *MAIL* you your login information the next business day."
Second...how do I as J6P know that you're going to handle my data correctly? No matter how many times you tell me on your website that you're handling my data in a secure fashion, I can't actually see it. Am I suppossed to just trust that you'll keep my information away from everyone? Including yourself, your marketing droids, and maybe the FBI should they come knocking on your door?
If you or company are worried about people abusing a trial service...well, get over it. It's bound to happen, no matter how you try to stop it. Just use common sense (don't allow signups from Open Proxies, maybe ask for a credit card number if you're looking for a paid service in the future), and realize that you're going to have online 'shrink.' Every company has shrinkage...why should an online company be any different?
I can only see where this is going in the "trustworthy computing" area. In order to get a computer, you're going to have to show your computer maker an ID, they'll seal your computer so you can't install devices (they'll send a technician out to do it), and tell you what you can and can't do with your data, your time, and ultimately, your hardware.
Ian
I disable sigs...do you?
Isn't that what GPG is for? Oh, I get it, you're hooking up an online identity to a real one. Well, that's kind of what a domain name is. If we had free personal domains, administered by someone politically neutral, that would all be a solvable problem. I haven't looked into your site, but I understand what you're talking about, and yes it would be a useful thing. It's the kind of thing that could defeat spam, fight evil and be generally useful. I think it could be strapped together by encouraging companies to mutually trust eachother's employees at the mail server level etc until it became so obviously useful everyone wanted to do it... Cheers, -BM
http://melbournephilosophy.com/
I would also like to see an Online Eye Dee Ten Tee Registry.
hey auto, check out pictures-free.org . autopr0n rocks!
Nice idea, Michael, but why would I want this?
What problem does it solve?
I already do online banking, shopping, bill paying, etc.. What additional service could I get from registering with you?
Before I sign to OnlineRegistry, I need to verify that Neil Gunton is a real and believable person. This 'project' may as well be a spammer's (or scammer's or CIA's or whoever's) clever method of harvesting identities.
Any ideas how to verify a real identity of Neil Gunton?
There you are, staring at me again.
You solved the problem of people doing multiple registrations for a *free* trial by introducing a system where I have to get a notarized copy of my passport and then *pay you to process it*? I am wildly unconvinced the author of the original article has any idea what problem he's trying to solve... In short: show me a problem, show me a solution, and do us all a favour by having the two match up.
The main problems are that this just shifts the point of failure (or deception or fraud) to third parties. Instead of you yourself lying about your identity to someone over an insecure communications system, now you're dependent on whatever procedure people identify themselves with to this registry. Ultimately someone at the registry has to examine the documents submitted by someone and decide whether or not it's legitimate (and thereby mark the user as verified). How can he managed to never be deceived? One mechanism mentioned is photocopies of documents (photocopies are notoriously easy to manipulate) and a notary public -- but how do you know that the notary public isn't working for the bad guys (after all, it's not like it takes a huge amount of effort to become a notary public)?
Ultimately there's going to be an issue of liability. You cannot guarantee 100% reliability, and so you're going to get sued whenever someone who is mistakenly verified by the system defrauds someone else. Do you really want that?
Nope. Liberty is a free project for centralized user IDs... but has no component for the killer app this person is looking for, preventing the same person from using two or different accounts to get treated as a new signup two or more times...
but answerable to ... absolutely nobody. Be afraid. Be very afraid ... oh on second thought, just don't ever register there.
The security of the whole thing seems extremely low. If you want to do something like that I suggest that you consider some zero-knowledge techniques.
Go, fetch a copy of Bruce Schneier's Applied Cryptography, but you've probably already done this. Just open the right page, then (503).
Seems to me that the needs of the website owners are at variance with those of the website -- or more accurately -- online community -- users. Look, if I'm selling ads on /., I'm touting every impression as unique, by a major IT Industry Knowledge Worker/Decision Maker. You want to provide substantiation that it's really one 14-year-old with 35 different aliases and a singularly large amount of free time on his hands? R U Crazy?! Jeez, if this catches on, it's the end of the Web/Blog Ad Sales model as we know it...
Which is to say: GO, MAN, GO....!!!
Here in Finland every bank offers sign-in with your bank web-account-id, and the protocol (TUPAS) is standardized here in finland by a central authority (Pankkiyhdistys), so that when you include this authentication system to your application, with the same effort, it works with all the banks (and potential customers). Allmost all the transactions and bill paying is done electronically in web-banks here in Finland, so almost everybody has these id's already. The bank authenticates the user at the local office, so It really works.
You receive the users's social security number and other important information, and the protocol can be customized for companies to give custom information too.
So I think this system (topic) is quite useless. It really needs some authority to trust.
Do you have this kind of stuff?
Forget verification. Filling in endless registration forms for come-and-go websites is a prohibitive barrier to massifying web commerce. Just implement a database of records with unique IDs, and suffixes for levels of info disclosure, and people will use the IDs in a single registration field all over the web. It's like M$ passport without the onerous security infrastructure. If you presign a giant damages agreement in the event someone proves you've divulged their info against the license you've gotten from them, they might even trust you.
--
make install -not war
IT seems some people here are overstating the problem - "You'll never be able to have a foolproof system for verifying peple's identity!" So what? That isn't the problem he's trying to solve.
The problem he's trying to solve is people avoiding paying for a service that offers free trials simply by creating multiple user IDs when the free trial is over. To prevent this, he doesn't need a foolproof system...
He just needs a system where it is EASIER TO PAY FOR THE SERVICE than it is to get another ID, for MOST people, MOST of the time.
If 1-5% of people still go through the bother of getting extra IDs, but 95-99% of people who would otherwise just keep abusing free trials end up paying for service instead, then the system might have value.
Whether that's enough value to justify the system however, I don't know. It seems a lot of places that have free trials actually BENEFIT from the "abuse" - take matchmaking sites for example. The larger a site is, the more value there is in a subscription. It's probably better for them to charge people willing to pay in order to keep the same login/profile and also have a buncha people who just keep doing free trials than it is to just have people who are willing to pay and get rid of the "leeches". Same reasoning as the "Pirated copies of Windows are good for microsoft" (market dominance) argument.
paintball
"Should it be for-profit or non-profit?"
;)
Hey There,
I would suggest you go with a proven business model.
Should be "non-profit".
Just make sure that you patent the idea.
Don't tell anyone about the pending patent.
Work as part of a standards group to gain wide acceptance.
Wait 3-5 years.
Now what's the phrase I'm looking for?
Damn the torpedoes?
Up periscope?
Surface that submarine
Cheers,
--The Dude
CHeck out my drawings!!1... comments/suggestions are most welcomed
Thank you so much for posting this link to your amateurish drawings of Furry Hentai.
After a weekend of consisting of drinking beer, posting on Slashdot, and not going out on any dates, I was naturally questioning whether I was a pathetic loser who had wasted his life on stupidities.
But after seeing your drawings of women with cow and lizard (or something, your cows and your lizards look pretty much the same but for their colors) heads, expression-less faces, impossible ballooning breasts, and crudely drawn swollen genitals stuffed full of gigantic dildos and tentacles, my depression lifted and I felt once again a real satisfaction in my life.
I realized that no matter how much time and potential I've frittered away in my life, no matter what mistakes I've made, nothing I have done is so pointless, lacking in artistic merit, or symptomatic of an inability to relate to women as other than dumb animals with giant boobies and gaping genitals, as the "art" work you are so deluded as to be proud of.
Once again, the internet has served its real purpose: to show, by the great diversity of its most dismal and fetid and stunningly pointless depths, that most of the rest of us are by comparison, balanced, happy, contributing members of society.
Thank you once again for making me -- and I'm sure legions of others -- feel better by displaying just how useless your life is. You are truly a holy martyr to the cause of human joy! Christians claim Christ for our sins, but you have outdone Jesus: you live for your pointless Furry obsession, and in so doing enrich all lives around you merely by comparison!
I salute you sir, for the happiness you bring to the world by allowing the rest of us the relaxing pleasure of some thorough Schadenfreude!
Mod parent up to bring this joy to all who read Slashdot!
Opinions on the Twiddler2 hand-held keyboard?
Verisign attempts the same thing, but in reverse. I (Mr. Website Owner) purchase a "certificate" from Verisign. Depending on how much I pay, they perform certain types of verification, certify my server's identity, and "people will trust [my] site". Truth is, folks don't typically care if I purchased the certificate from Thawte for $25 or from Verisign for $500; they care that the transaction is encrypted, that they didn't get a security warning, and that my site has not developed a negative reputation (notice I didn't say "has developed a positive reputation").
You idea seems opposite: are sites interested in identifying their customers more assuredly? Well, if so, Verisign also has services it offers for certifying individuals -- but I've never run across a site that requires such strong authentication. I don't think there's tremendous demand for a third party to provide that authentication. Although your implementation may be technically different, there's still little demand for the concept.
I think you've put some valuable thought into some protocols and algorithms that others have devised (Translucent Databases, Applied Cryptography) and designed a concrete implementation. Now, go and create demand for the product.
and why on gods green earth would i spend the time to SEND you NOTARIZED ($$) copies of my UBER-private documents (step #3 on his page)...
For....
a "free trial" or "free registration"?
through a third-party.
no way... im too lazy to give my lawyer those documents in an orderly fashion... much less for a free trial to mens life online magazine.
--Idiots, Every single one of YOU, A flaming mass of conglomerated morons, hey wait a second, isnt that how RAID works?
One of the main problems that I see in identity/privacy/security issues at the moment is that people are convinced that there is a purely technological solution. That's just false. One thing you will have to consider is how much it is worth it to someone to cheat, what are the initial costs of getting an identity, and what are the costs to a discovered cheater. If the benefits to cheating outweigh the costs at all, then you lose. If there is money to be made in cheating, someone will find a way to do it.
Secondly, you as an individual (or a small business) will never be able to run this service. The insurance cost alone has priced you out of the market. You are providing some degree of certainty above the status quo that people registered with you are who they say they are. That has significant value, at least linearly related to number of users. Which means insurance prices would be huge. This is a business most naturally suited to an insurance company, not a technology company or an individual.
Finally, why do you claim that centralization is necessary? We barely use this in real life. Birth certificates don't come from a central authority - they come from towns and hospitals. Driver's licenses are issued by states. Credit cards are issued by banks. Student IDs are issued by universities. Even these things that we consider centralized are decentralized. Our more informal relationships are completely decentralized. A web of trust more accurately reflects our relationships, not a hub with a bunch of spokes. Why would you want such a huge single point of failure?
Could you prove me that your system is secure, that is that I can only register once, and only once, and that no one can be identified as anyone else? Could you prove that the information I might give you is secure (inaccessible by anyone else, unless authorized)?
I don't think it is possible. With all the cryptography in the world, there is always a point where you have some trusted data, such as a password, that will be your weak point. After all, that encrypted data must be decrypted to be used.
An attacker might attempt to subvert your initial login (say testing for common passwords used to decrypt the data). A malicious user might lie (say that he never registered to a site when he did), your audit data would have no value (IP addresses may be spoofed, same thing with all the data sent from a host attempting to login to your service).
Someone WILL (not might, it's certain) try to crack those tickets of yours, they might provide valuable data, not only personal data, but might enable someone to create aditional tickets (hence re-registering at will).
If the data in your server is stolen, it might be possible to run a dictionary attack on those encrpyted records (after all, lots of people use crappy passwords, no matter what strong crypto is there), and that will probably yield valuable information on stealing identities from your server.
Nodody guarantees that companies will not abuse your service (after all, if they can read data from your server, they can easily copy it).
OK, you might make it difficult for these things to happen, but there is still no guarantee that it is safe as you say, crypto converts big secrets into little ones (by encrypting something, that something no longer is vulnerable, but the key now is), but if that little thing is not secure, everything falls appart.
GPG 0x1B479C78
I wish people, instead of competing with an outstanding existing system and fragmenting, would build on the existing infrastructure and database.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Your inital problem was "people register n times at my site and I can't stop them". Here's a different way to stop people:
:-)
:-)
Have a central registry with only an ID and a phone number. To activate your ID, the system calls you and tells you a number which you subsequently type in a web form. The "ID" is then considered "validated".
Your initial web app can now call the DB and ask if the ID is validated. If it is, everything's fine.
Advantages: Less privacy intruision (people only have to trust that the central registry won't tell the phone numbers anybody). Simple to set up for both the central registry and any service. Quite efficient (most people don't have access to more than a few phone numbers).
Case solved.
If you implement it, don't forget us poor buggers from Europe who would like to use the app too!
Actually this exploit of IDS is a two edged sword for those that try to exploit it.
If you keep track of IP addresses and do a little research at netcraft - you can really expose someone for being a fraud.
On my website, I have followed such a person, and exposed that he was registering as different aliases and agreeing with his own posts pretending to be other people. In some cases, just so he would look like he wasn't the same person he would criticise his previous comments.
Yell & scream & rant & rave... it's no use... you need a shaaaave ~ Bugs Bunny
Hi, I'm the developer of the Online ID Registry prototype. I wanted to clarify some points:
a) The Online ID Registry concept has nothing to do with MS Passport or Liberty Alliance. It is not a distributed login system, it is simply a way of confirming your identity. The website is not used in any sort of tracking or third-party login architecture.
b) All of your information is encrypted, using a password that only you know. Therefore even if the entire thing was stolen, it wouldn't be any use to anybody, at least unless they can break Blowfish on each and every record.
c) I haven't asked anybody to trust me personally at present, the whole idea of this article was to get feedback on the concepts and mechanisms, and to try to work out how this thing might be done in a "non-evil" manner. You have to start somewhere! We're just talking about how this might work. Please read the White Paper before diving in with comments about "Why should we trust Neil" etc.
Ok, here's another idea on the documentation front: Many people obviously have a problem with the concept of sending notarized copies of their ID docs through the mail. It's true, this does present many problems. How about if we had the Notary Public simply confirm that various pieces of (original) documentation (passport, bills etc) matched up with the information on the printed confirmation form, and the Notary Public then checks off what was provided, notarizes the form and seals & sends it off *themselves* (obviously you can't have the end-user doing that). Or, perhaps we could have the Notary Public authenticate the documentation request themselves online, without having to send anything to the Online ID Registry at all. The Notary Public has to be computer savvy enough to do this, and in fact they would have to be confirmed themselves in some way in order to have access to the admin functionality for confirming people. I guess we could use the snail mail for the Notaries Public, or perhaps there are other established ways of authenticating these people? Anybody know?
Point is, I am open to other ways of doing it, I think it would in fact be a huge plus if we didn't actually have to handle all that paperwork. Having the NP confirm "on the spot" with the originals would seem to skip a lot of hassle. Of course, the issue becomes establishing a secure enough mechanism so that the NP can notarize people without people being able to alter the form before it is sent in.
Still thinking - thanks for the feedback.
-Neil
Just because your monikor is "Studly Bob" on one web site doesnt mean you have the rights to it anyplace else.
not the right way to go. When you try to tie online identity to real-world identity, you begin to encounter serious circle-of-trust and privacy issues, which many will balk at rather than use your system.
That's why some think the best you can do is track the behavior of an online identity in some manner that minimizes the impact of throwaway identities.
In fact, that's the basis of a distributed, P2P anti-spam project we've recently started, called GOSSiP. There's a white paper and mailing list available, and an active community about to start development.
.@.
So, people don't want to give out their credit card numbers for free trial... But they will want to give you their DOB/Address/Passport/etc? Sure, the individual site wouldn't be the one causing the immediate nuisance, but you still have the problem of getting people on the system to begin with. If they were loathe to provide you with a credit card number, what would make them more willing completely hand over their identities?
Also, you're being incredibly disingenuous with statements like this (in the Quick Tour section):
But, the registration is non-SSL and requests name/DOB/address. I see that buried in the "Terms and Conditions" and "Implementation" section, but, saying "nobody but you can ever see it" anywhere on the site when you're not even using SSL in transit shouts loud and clear that you aren't the one to trust with any sensitive data.
You should have a big highly-visible warning on the registration page about being a prototype and that there is no SSL, and that having no SSL means all information is sent insecurely to you. Not statements that "no one but you can ever see this information" in big print, and "Oh, I was lying about that" in small print.
Stating "no one but you should ever see it" regarding the database being encrypted is also a big false sense of security. Since the password is being given to your server, it can be intercepted on the server. If someone has access to steal the database, they've most likely got access to harvest some passwords first, too. Of course, since you're doing everything in cleartext in-transit right now, it could be intercepted over the network, too.
Never give out your name and address on the internet unless youre trusting them with your credit card details as well :)
You mentioned in the article that you don't know anything about nonprofits. Go to www.nonprofits.org for all the information you can handle on that topic.
-Myke
myke@compassionatecoalition.org
http://www.compassionatecoalition.org
Seriously?.
I am very small, utmostly microscopic.
Points can be earned by:
Depositing 2 random amounts of money into the person's checking account (like PayPal)
Verifying their address with the address on their credit card
Matching their phone number to their address through a phonebook (anywho.com/rl.html)
Have an automated call placed to the phone number listed and ask the person to input his/her date of birth as digits
Have X other registered users verify that the person signing up is real
Have the person fax in a notarized document of identity
Send a letter/postcard in the mail with a code for the person to use to verify his/her address
Have the person call a toll-free number and input their birth date and using caller id to verify the source of the phone call
There are probably more ways, but like others said, if you're serious about this, you may want to look into starting a non-profit or LLC.
I distrust any site operator that insists nobody makes more then one account. People dream of this for doing voting things all the time, but it's just not possible if there's a cent or a laugh to be made rigging the system.
you just gave it away, and now someone else will run with tha ball if it is viable.
My brothers been trying to play some koreans game and they've got this pretty well nailed down. Because gameing and the internet is massive in Korea (I think it was like 80% or some other crazy number) they're are currently alot of games being made there hence they're are lots of games in Beta as well. Most of the games go to open beta, then they start a free content/paid content kinda thing. Basic game is free but you can get cool stuff/access certain servers/get above a certain level for cash etc.
The thing is almost all of them use the SSN. It works a little bit differently over there but that it in a nut shell.
* It means you have to be Korean to play the games or know a korean that doesn't play games.
* You can only apply once.
Try POSTIDENT.
http://erichsieht.wordpress.com/category/english/
What a great idea! If I wanted everyone to know exactly who I am I'd get a Hotmail account..
Have you considered the priesthood?
I think it's important for people to realize that any database that contains personally identifiable cards is subject to search by the local/state/federal authorities. You can say all you want about the patriot act being used to combat terrorism, but when they start using those tools to grab information on any citizen from any private party without the need for a warrant investigating normal crimes, is going to require thought on your part.
It's not the use that turns people off, it's the abuse. Schneier says that it's not the way security systems work, it's how they fail that's important. It's important that people understand this. That's probably the number one reason I will not use a centralized database that holds my information as a trusted third party. I simply won't trust any third party to act as a proxy on my behalf for authentication. It's not enough that we merely "trust" these third parties to do the right thing, they have to be transparent. Also, if I don't like how some clearinghouse handled my authentication or distribution of personal information, I should be free to move and choose a different company to represent me.
I don't see that happening with MS Passport.
At some point people then usually hit upon the magic bullet, biometrics.
The problem with biometrics is the same problem as using the SSN for verification. Once the biometric data is lost, it's lost for good. An ATM card can be replaced and a pin number can be reset. You can't reset either your SSN or thumbprint easily.
To solve this problem, the beginner thinks, "Okay, let's say we just store a one-way hashed value instead of actual fingerprints in our database. Now there's no privacy concern, anymore. Right?"
Wrong. Why? Transmitting a fingerprint, in this difference, is no more different than transmitting a hash of a fingerprint. If a man-in-the-middle attack can pick out the authentication byte stream, that byte stream can be reused over and over again.
And then you have the problem now where the users will have to keep their fingerprints secret, as well as their SSN's. Ill reputable restaurants may then be able to "steal" your prints off the glass you drank out of, and make copies.
Cute eh? I think so.
Why should I only be allowed to have one identity?
Someone tell me why this is relevant.
If a system requires each account to have a unique human body behind it, then it is fundamentally flawed, right from the start. Why bother pandering to such broken systems?
It sounds like a great plan. Think of this, you could register once and never have to register again for news paper sites. Problems: 1. PRIVACY - Do you want one place to have all this info. 2. You rely on one place for all this info. What if it is linked on slashdot or fark hehe. 3. Money - How would this one central site make money? 4. Technology - How would they integrate this with several different systems?
and it's very well executed, and totally free of paranoia / delerium / apathy. http://bugmenot.mozdev.org/index.html i use it, it rocks.
I use gpg to sign (and encrypt when possible) my mail. This allows the reciever to verify that the mail was, in fact, signed by my gpg key. This does require the reciepent to verify that the key used is, in fact, mine.
gpg has been used for years and it works. I read in the article something about Instant Messages. Several Jabber clients, including PSI, can use gpg to "real-time" encrypt conversations.
Honestly, to me it sounds like reinventing the wheel. It is a very good idea, that's why it was done years ago.
It would be easy to make a php function that checks for a valid gpg key before accepting users, the same way a valid email address or toher means can be used. This, however, requires the audience to have gpg keys and demanding things from the audience tends to turn it away. This also applies to "Online ID Registry", a web service that requires me to sign up and configure some something I do not already use is a web service I'll skip.
9/11: Never forget it was a false-flag operation
When you first sign up for the website, they give you a confirmation number. Take this number down to the post office, bank, somewhere safe. They have a machine that scans your retina/fingerprint/DNA/whatever, and sends an encrypted version of it to the central government database, along with the confirmation code. The government database uses the confirmation code to send a message to the other party telling them that you are who you say you are.
Since this is done in a public location, you cant cut off a persons finger or anything. The only real problem would be if somebody faked the confirmation letter or stole the database. There are very few criminals capable of something that secure from the government.
Why not just use the existing mechanism of personal certificates/digital IDs? These achieve the same effect, but without the requirement of a lookup on a centralised database. ie, the certificate holds all the required information, and is digitally signed by a trusted party which has supposudly verified the information.
As everyone has this trusted party's public key (ie Verisign), they can verify the information.
All the same benifits, without the need of some central database. If you dont trust verisign, or don't like their business practices, then just become a CA yourself and work in exactly the same way. It is much more flexible than a central online database.
I.O.U One Sig.
http://lawgeek.typepad.com/lawgeek/2004/07/dmca_ha mmer_com.html
How much longer are we going to let them do this to us?
No really... Maybe I'm paranoid, but I NEVER enter information on anything that starts with http:// rather than https://
Only allow 1 account :)
Here in Sweden we already have Electronic ID cards. They have the same credibility as the normal ID cards and both are normally issued by your bank.
This should be enough. It would be up to the specific website to check the ID and then remember the persons visit for future.
I am sure this is available in the rest of EU (or will be soon). The physical ID cards are already "EU ID cards" valid in all EU member states.
has probably already been patented.
In Sweden we have Electronic ID cards. They are as valid as the normal physical ID cards we have.
They are issued by the banks, just like the normal ID cards.
Of course, if you have your passphrases stolen for the certificate keys it is bad... But then again someone can easilly steal your credit card numbers whenever you use it.
The majority of the people are like me: they give FAKE ID info, and make sure it is convincing enough not to be detected.
The first thing I would suggest is to patent that idea ASAP before someone else steals it.
The second is to write a business proposal to online companies to sell them on your idea and why it is better than MS Passport, KeyType, MyUID, and others.
So what is to prevent someone from creating a fake Yahoo or Hotmail mail account, and then using it to create a mail account somewhere else that requires email verification. Then use the other email which passes the free web email checks that other sites use? Once they got an account in your database, they can enter fictatious info, and repeat this many ways. If you filter by IP or subnet, what prevents them from using a web proxy?
People won't want to enter their SSN, and what about someone not from the USA, what do they enter? What about people who can generate fake SSNs, or fake passport numbers, or fake driver's licenses? How do you check for all that?
If you require them to enter a valid credit card number, what about those who do not have a credit card? Can they enter a checking account number? What if someone does not trust you with this information or they use fake or stolen accounts? Someone with a program that uses the same formula to check credit card numbers can reverse it to create a fake number that passes your check. What then?
The best way to deal with this problem is to change the software on the end of the service that is providing the content. Maybe trial users can only read so many pages, or get a ton of more advertising and pop-ups than if they had subscribed? Or maybe requiring the trial member to wait 3 minutes before a page loads, and show them a page of benefits should they pay to register? The trial registration, maybe, has a large survey that they must complete, so that creating a new account is going to be more trouble than it is worth. Also limited trial memberships will be issued to subnets per month. If a subnet has over a certain number, they must wait until the next month to register a trial. There needs to be a way to limit trial memberships to prevent abuse.
Remember, Slashdot does not have a -1 disagree moderation, and no, troll, flamebait, and overrated are not substitutes.
would be better, and probably more trusted if one's government were to provide such service.
The only downside would be dynamic addresses, but we aren't talking about amazon.com where they gets millions of visitors either.
I'm not drunk, I just have a speech impediment. And a stomach virus. And an inner ear infection.
What we need is a solid way to identify everyone who takes credit cards on the Internet, to help deal with spammers. It's a crime in many areas (California, for one) to run an anonymous business. California requires that the actual name and address of the business (not a P.O. box, unless you file some extra paperwork) be shown to the customer before the site accepts a credit card number. So it's not controversial to require this. It just needs a better implemention.
What we need is a banking regulation requirement that when a credit card merchant bank accepts a credit card transaction, there's a check at the bank's payment gateway of the web page from which the transaction came. The page must be SSL, of course. Its certificate information should be validated agains the ownership info for the merchant's bank account The credit card transaction (merchant to bank) should be signed with the same key that signs the web page. Otherwise, the bank is required to reject the transaction.
This requires zero consumer-side changes. It makes it much easier to figure out who to blame for spam. Just get to the payment page and read the certificate. Right now, most SSL certificates don't guarantee anything. This forces accurate info into the site's certificate, or the transaction bounces.
It would be a pain for companies that rely on "affilate networks" and other marginal indirect payment schemes. But that's probably a good thing.
Verisign, Thawte, et al support the notion of a certificate that says you are indeed who you say you are. Why not just use that?
There is already Trust-e https://www.truste.org/ but I don't trust anybody that asks for a SSN.
Like most geeks, you have an interesting idea (microsoft passport) but you don't have a business case.
For instance, look at your stated benefits:
Secure repository for your personal information.
Verify your identity once to us, using paper documentation.
Then verify yourself to any number of other users.
Pass sensitive information to others securely. Keep full control over your own data.
Others see only what you want them to see.
I have a secure repository for my personal information. It's called my house. I don't want you to have my personal information, and I certainly don't want you "verifying" what I'm doing.
Let me put this another way. So now, the website I'm downloading from can watermark the files (with a javascript) so they know MY ID downloaded it.....and you can see where that can go. Websites that share information can compare ID's and build a very comprehensive picture of exactly what people are doing on the net.
I think the majority of the slashdot crowd would work very actively at circumventing anything like this that was put in place. They certainly worked hard to get around the digital watermarking in MP3's... another type of verification.
Not too long ago, Microsoft tried to "slamdunk" a number of users and force them to use passport. Players of their massively multiplayer games that had micrsoft "zone" accounts were notified that their personal information was migrating to a "passport" account. It took me two weeks of contacting personnel to have remove my "passport" account, and I deleted my game accounts. Even NOW, 5 years after getting rid of it, I can still log in and microsoft recognizes my "passport" info - likely meaning they still have my personal information there as well.
I do not want to be tracked, catalogued, verified, objectified, numberfied, or any other "fied". I want to walk to the store, buy something, and walk home without wondering who knows I just purchased 3 pairs of women's undergarmets and a package of 300 balloons....
Why did this even make the front page?
It's not innovative cool new useful smart witty fun futuristic entertaining or anything it's just stupid.
who cares if someone registers multiple times?
If they could have paid, they would have paid.
BYU Internet Security Research Lab
Urbana-Champaigne Database and Information Systems Laboratory
> Then there's the question of what happens to all
> the documentation that has been sent in. I think
> that for security and audit purposes, we do need
> to keep it in some form.
On the contrary. Yot need to *destroy* those documents for security and audit purposes.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
For a long time I've been wondering about IP registries.... I'm sure a number of entities are developing IP-based databases but are there any public ones?
With more and more people having static IP addresses, the value of an IP registry increases.
Let's say you get your typical worm-infested e-mail. You know the headers are forged but the IP address of the infected machine isn't. If we could look up this IP in a database and contact the user and tell them they're infected, this would be helpful.
Or you have someone creating trouble on a web site and you want to know their identity? Look up their IP address in the registry and find out who they are.
We know there are ways to identify people this way, but as it stands, there aren't really any solid sources across the board. Hotmail, Yahoo and Google are probably in the best position to create these profile databases if they haven't already. If they want to be responsible, they should make these systems open to the public.
Is it a severe privacy issue? Yes, but we all know the government and probably a number of commercial entities are building these lists. I would like to see one public database of IPs that users could at least contribute to in order to provide more detailed info.
Yeah, those could NEVER be forged, stolen, etc.
John Kerry is a Joke!
Problems of changing address and personal information being proliferated completetly and efficiently, IDENTITY THEFT, identity confusion, citizenship status, accessibility of medical and financial information, etc. have all grown out not being able to readily prove exactly who you are and who you are not.
The solution I have come up with is for the US government to charter an organization to develop and open source, multi-biometric, voluntarily commercialy extensible citizenship database. No, this doesn't mean you would need an 'id card', but that you, or at least your retenas/fingerprint/dna would BE the id card.
http://www.onlineidregistry.com/registration/
sign me up!
Do not take business advice from Slashdot.
Not even this one....
You need to be shot along with all the other faschist pigs!
- each build / install of the application should stop working after a while for evaluation purposes forcing the user to download a new copy
- email a demo key to the user, only one allowed per email address
Of course you're software could still be cracked allowing anyone to use the evaluation version / key as if it was registered.
There will always be a small percentage that find a way around whatever you try to do. So don't make it too hard for legitimate users, or you shoot yourself in the foot. No matter how difficult the protection method is, someone will crack it.
09F91102 no, 455FE104 nope, F190A1E8 uh-uh, 7A5F8A09 that's not it, C87294CE no. Ah! 452F6E403CDF10714E41DFAA257D313F.
Being Slashdot nerds, we tend to look first at the technical aspects of a problem. But in this case, the greatest difficulty is not technical. The biggest part of the problem is trust -- namely, users' trust for you.
This might surprise a lot of people, but the majority of credit card fraud is not carried out by shoulder surfers, packet sniffers, l33t hackers, or any other third parties. It's done by the merchants themselves, or by their employees. Yep: the people most likely to misuse your CC info are the people you voluntarily give it to.
You're planning to ask people to give you information that can positively identify them in a non-face-to-face environment. Which means that you, your eventual employees, the investigators you hire to verify that the documents people send you are real, etc., will all potentially have access to that information. You first have to work out a bulletproof means to protect that information, even from yourself, and then you have to convince prospective users (remember, these are the people who are afraid to send their CC info over the Net) that you've protected it adequately. You can convince yourself . . . you might possibly be able to convince me . . . but it'll be a cold day in hell before you convince my mother-in-law.
There are a lot more mothers-in-law who have heard scary news stories about identity theft than there are Slashdotters.
Don't write it, just patent the idea. Then let someone else write it, sell it and make big bucks off it. Then pull out your patent, hire a few lawyers, and retire on your windfall.
(Why not, everyone else is doing it?)
It's the only way to be sure. Central authorities always get corrupted. Validity of id-individual pairs would be determined by common usage. Cheating would occur via spampoganda.
Quick, patent the idea before Amazon or Microsoft do it.
-- No sig for you!
that's what makes it cool.
The difference between spam and poop is that you don't have to dig through septic tanks looking for real food. -- Me
Yep, in Denmark (and a few other enlightened countries) citizens get free personal certificates from the state (certifikat.dk). And we have this digital mailbox thing (e-boks.dk) that we can use to receive "ex-paper" mail from just about anywhere (IRS, banks, telcos, etc.) in addition to being able to store a couple of hundred megs worth of personal files in a safe server.
I get to store my own identity token (with a fallback in case I lose it), and I trust the authority to authenticate me and others. All my personal email is signed with my certificate (and all my work email is signed with my employer's employee certificate).
Doesn't cost me a dime, and is as trustworthy as any web certificate can be.
"Good news, everyone!"
Digital certificates already do all these things your web site does and they do it better. Why better ? because:
1/ With the notable exception of the CRL, they don't depend on a central server to be available to be verified.
2/ They can enforce non-repudiation of transactions and digital signature (i.e.: What is someone CHANGES some details on you site and the pretend they never did it?)
3/ They aren't as brittle as to rely on user-supplied password.
4/ They can easily be expanded to use secure devices.
The only advantage your system has over digital certificates is the fact that you can choose to provide only the details you want to a third party. And while this is not something that can be directly done with digital certificates, it's something that can be trivially implemented using them (sending signed and encryted VCards, for instance).
He just needs a system where it is EASIER TO PAY FOR THE SERVICE than it is to get another ID, for MOST people, MOST of the time.
Frankly, it's too much of a pain to get your first ID with the system he proposes. If the only benefit is that you get to use some silly software for a limited time, I'm sorry, but nobody's going to do it. There are competitors, including OSS, that will not have such intimidating barriers.
Not Found
The requested URL
Vista:XPSP2::ME:98SE
What you want to be able to do, to pin down the identity of a user is not wanted and not appreciated by most people.
People don't like:
Answering marketing questions. If a site asks me twenty questions I can't just randomly click through then I'm not interested. I NEVER answer them truthfully in the first place.
Threats like "Your IP will be logged". To those of you that do stuff like that: FUCK YOU
Address verification (for example CC AVS): Yeah right, so you can send me junkmail.
Credit card: Sure, you can have my credit card number... After all you might like to decide to convert my trial into a full sale because I couldn't afford a lawyer to check out the small print on your site. To those of you that do stuff like that: FUCK YOU!!
There are two kinds of identity:
1) A physical, human identity
2) A virtual identity
A virtual identity (like a company) is fine for accumulating reputation, trustworthiness, credit, and holding a bank account. The same virtual identity can also be prosecuted, with penalty in the form of the identity's reputation being impaired, perhaps even being terminated.
It really doesn't matter that humans or corporations could control umpteen different virtual identities.
People seem to get hung up as if there is some intrinsic unfairness to someone being able to have more than one virtual identity. Presumably these same people would also get upset by schizophrenics?
Why is it so important to pin down precisely which bag of flesh is operating a virtual identity? And why is it so important to ensure they can only operate one?
The inherent security of human memory enables us to assure that a virtual identity has one and only one controller (unless the controller decides to share their secret), we can also detect if the virtual identity is used in two or more locations contemporaneously and that enables us to discourage multiple controllers.
However, in order for us to assure that there is a one-to-one mapping between a human and a virtual identity, we'd need to figure out something that a human can only reveal/think one of. This is effectively a mental biometric. Perhaps there's a fingerprint/signature inherent in everyone's writing? Perhaps, an authentication test would require the operator to write 50 words on a particular subject? Perhaps the timings of each keystroke, choice of words, typos, etc. would confirm the human identity? But, what if the human was schizophrenic?
But, then so what? Even if we contrive to restrict a particular type of virtual identity to be generally limited to one per person, what has that acheived? We still don't yet know the bag of flesh. And still, why do we need to know?
On the other hand, why is the operator of a virtual identity interested in restricting themselves to a single identity, or in authenticating their physical identity?
Physical identity is simply totally irrelevant to e-commerce or any other kind of online transaction. It's only perceived as a need by those who can't face treating virtual identities as first-class citizens.
1) Legalities: Patriot Act, etc. Think like some libraries do: no records (IP logs, what have you) means they cannot be asked for. (Of course, this leads to the question: what do you do with the notarized documents sent to you, if you go that route? I suppose you could send them back to the user.)
2) Open source. Think like voting machine creators should: the source should be completely open so that the open source community can find any possible bugs, etc.
I'm sure the idea is technically doable, and I can see why you'd want it, but still it's not going to work. Thing is, if I have to type in anything at all besides a valid email address to qualify for a download, I will look for an equivalent offer by somebody else where no such nonsense is required (ahh, the freedom of the Internet). A free trial and similar goodies are mostly just not worth having to reveal your identity - that's the reason why all such schemes (Microsoft passport and lots of others) are stagnating in spite of the big money behind them. The free ;) market at work, God bless it.
And the answer that's worked well for them is: user lock-in.
Whatever your service is, once the customer has used it for a few months, they will have built up a non-trivial investment of their own in it. All you have to do is make sure that investment is non-transferrable, at least not for free.
E-mail addresses, for instance: the more people you've told about your e-mail address, the harder it is to change. And many people store old messages on Yahoo!/etc's server, so if they lost access to that specific Yahoo! account, they'd lose all those mails.
Or if your application involves creating and storing files, encrypt those to the user name. Then, if the user revisits the service under a different name, the old files will break.
Seriously, why is this even hard? The solution is in systems and procedures, not technology.
A non-anonymous registration system may not be practical for you to set up - it requires people to trust your website with a fair amount of information.
On the other hand an essentially anonymous registration system is flawed with the problem that people can always discard their old identity and get a new one.
The only way to prevent people from doing this is to (somehow) add value to their anonymous indentification, making it more valuable than a new identity so they do not wish to discard it. Also each new identity must be, essentially, worthless.
For the purposes of a registration for a free software trial, this is impossible, since you are, by definition, giving something away for free.
Perhaps you could require people to jump through some hoops, and click on a few ad banners, before you accept their registration. If the process is sufficiently arduous, and the trial is sufficiently short (I mean, do they really need a 30 day trial? Why not a 1 day trial? And make them earn it!) then the new identity becomes nearer to the worth of the product they get at the end. And with repetition comes boredom, and with boredom, the cost of precuring a new identity increases. Thus eventually they will say "sod it, I'm going to buy the bloody thing".
This is a bit like nagware, I suppose.
Your idea is good in theory but has several problems. I don't know that the minor benefits over certificates (no need to store a digital key; ability to limit information shown to another person) are significant.
You accept that forgery is possible (personally I would only accept absolute proof of identity through DNA). In that light, I see the main benefit of your system as linking misbehaviour/criminality to a digital identity. The identity would become worthless when linked to misbehaviour and the criminal would have to spend time/effort/money forging another one, acting as a deterrent to criminal behaviour. This only has effect where your system is employed.
The main problem is that not all people in the world have documents to prove their identity. We have had this debate on news.admin.net-abuse.email and found that in many parts of the world (including first-world countries like Britain), definitive proof-of-identity documents don't exist or aren't mandatory.
The second problem is that you require the confirmer of someone's identity to be registered too. This is too much to ask. The process requires effort, and most people use the internet to minimise effort. That's the advantage digital certificates have over your approach - no effort on the verifier's part.
Your whitepaper states: "Hopefully, as it grows, the Registry will be able to employ ever more sophisticated background checking methods to battle the fraudsters..." Unlikely - as it grows it will probably find itself swamped in paperwork and will have to *reduce* its background checking methods - unless you find an appropriate business model that is.
You want to physically send a passcode to the administrator - why not just digitally send them a ticket??
Your whitepaper states that the site could be "run by a quite small group of people". Excuse me? You want to be responsible for potentially verifying the identity of the entire world's population and yet "processing the incoming paperwork" could be handled "by a quite small group of people"?
Overall, I think it has potential to deter criminal behaviour for those who adopt it, but I doubt that it would be widely adopted.
OK, I have had this Idea for a long time. You set up RSA ACE SecurID servers (or something similar) in a few cities around the world with replication and fault tolerance. Then you issue tokens to people who send you money. You don't care who they are or what information they have. You provide the people who receive the tokens with a web page where they can create "org/alias" relationships. You provide organizations an authentication API over the internet. Now, I go to my bank. I create an account for "John Smith" I tell them that I will authenticate via my token, and you can validate/verify my authenticity by checking my passcode with the online anonymous ID service using the alias jsmithbank. Now I go to E-bay. I create an account called "sumn4nuthn" I tell them that I will a authenticate via my token, and you can validate/verify my authenticity by checking my passcode with the online anonymous ID service using the alias sumn4nuth. The authentication check "sumn4nuth+passcode" would only be validated if the SecurID Token holder registered EBAY as an authorized agent in the holder's alias list. Likewise the bank. The cool think about this scenario is that you could open accounts all over the place. Each one could be "ANONYMOUS" but at the same time UNIQUE and VERIFYABLE. The types of transactions that could take place with this type of setup would be amazing. I can only imagine the possibilities for money laundering. -Ben.
What happens if I lose my certificate or forget my password?? Users do this alot, which could possibly mean that you will have many dead ( and non verifiably so) entries in your database... and the user would not be able to make a new one as it might conflict with an existing one? or can a "superuser" modify the password/ unlock your data on request? *yawn*
Joke:
Why did the chicken cross the road?
Because it's safer to play on the freeway than to trust the safe keeping of your identity with any government,corporate, or organizational entity.
Now you want every site in the world to be able to verify who every user is? Unless you are in the porn industry, who cares?
Do I have to prove who I am to buy popcorn at the movies? Why should I have to prove who I am just to read your crappy web site?
Well, a simple example: Say you'd enable voting by internet. Now you'd certainly want to make sure that not someone creates a few million virtual identities which all vote. Otherwise the voting is only about who manages to create the most VIs. Also note that it's not necessary to connect that virtual identity to a specific physical one (quite the opposite: the voting system must effectively remove every trace from the physical entity to the vote), but only to ensure that every physical entity has only one virtual entity voting.
(Note that the system of the author of the slashdot article couldn't be used for that purpose because it explicitly maintains relations between physical and virtual identities)
The Tao of math: The numbers you can count are not the real numbers.
Remember:
"No taxation without representation"
If virtual identities are taxed, then why shouldn't each virtual identity get a vote?
But, again, we need to avoid thinking that just because we often have a need to establish physical identity that therefore all online analogues of real world activities must also tie in to the physical identity.
It's a hard problem, but perhaps it's generally unnecessary. If real people have to vote, then require that the real person is physically identified.
Alternatively, if you require that virtual identities can vote, require that the only virtual identities entitled to vote are those that pay taxes.
Impossible.
People are not onlive, identities are, and people can have multiple identities. Stop limiting what you cannot.
Free trials should either be limiting, or hard to sign up for, so the person doesn't do it without really wanting to. Besides, all you want to do is deter people. That'll keep the legitimate people from doing it, but won't stop the crackers who'll find a way anyway.
Good deterences are easy to find. Even ip address helps there.
Have you read my journal today?
Where have you been? Identification==evil. Everyone should be completely anonymous all the time. Anyone who wants to know anything about you is up to no good.
}sarcasm off{
Isn't this basically what CACert is all about? I would think if you got a CACert by proving your identity to local CACert agents, you could then just use your private key and somebody elses public key to essentially encrypt and "sign" pieces of digital identity for another party to discover. This could work very well with websites as you could basically give the website SSL key the right to view a few things about you without having to fill it in all the time.
It's 10 PM. Do you know if you're un-American?
There are already identity verification processes available on the web, and it doesn't require government involvement. Check out the Thawte Web of Trust. To receive a "trusted" certificate, you have to appear in person before at least two WoT notaries to have your claimed identity verified against real documents.
It's not perfect, but it's as trustworthy as what you describe.
There I was, browsing all the obvious entries of WikiPedia; Mandy Moore in a browser window, Britney Speers in a browser window, and my ol' trusty text editor sitting idle ready to ammend both those hag performers' WikiPedia documentary into a goat.cx free-for-all.
I thought it would be any easy hack, that every occurence of "Mandy Moore" had a "," trailing, thus I would create a new record at WikiPedia known as "Mandy Moore," in attempt to over-ride the existing "Mandy Moore" with "Mandy Moore," and the same for "Britney Spears" and "Britney Jean Spears" but alas I did not register and WikiPedia kept tabs on my IP Address.
Jibbor me terraflops, says I. If I want to hoist a new standard for these hag sirens, then it will need be done through both a dummy eMail address and a anonymous gateway or anonymous proxy service of some kind in order to conceal the IP Address which WikiPedia resolves to access from non-registered users; perhaps FreeNet, freenetmta, freeweb, or what I'm currently using Guardster.
But as for not knowing wether you want it open or closed source. Irregardless of which you choose, I suggest you get a copyright on your idea my friend. That way no matter which course you choose to take with your project the rights remain yours, so that no one person, or group can pervert your idea and use it in a way you don't like or even intended it to.
Granted I haven't read your model, but from the gist of the synopsis I think it is a brilliant idea.
Protect your intellectual property. It's like Acacia getting the patent on transmitting digital content. Which IMHO is a bullshite patent. Did they invent transmitting digital content over telephone lines, computer, or cable lines, hell no, yet they are making money from someone elses idea. Talk about money for nothing. A few thousand dollars to log the patents and file the paperwork == millions in extorted monies. That's one hell of a ROI.
I am Bennett Haselton! I am Bennett Haselton!
How do we know this supposedly named "Neil Gunton" character isn't really John Ashcroft in disguise?
Hmm... Give me all your information. I'm a "free" web site...