[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Cryptography] After Equifax pwning, what is the best means for replacing the SSN?
- From: erik <erik AT erikgranger.name>
- Subject: [Cryptography] After Equifax pwning, what is the best means for replacing the SSN?
- Date: Tue, 12 Sep 2017 14:23:35 -0400
- Arc-authentication-results: i=1; mx.google.com; dkim=neutral (body hash did not verify) firstname.lastname@example.org header.s=erikgranger.name header.b=jZOEECwU; spf=pass (google.com: best guess record for domain of cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com designates 220.127.116.11 as permitted sender) smtp.mailfrom=cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:user-agent:message-id:date:to:from:dkim-signature :delivered-to:arc-authentication-results; bh=LQGoXFhbFc6jo1vFmDYvjeO+45ybp/zmILhuKCURjgc=; b=apmUlGZzmeRfweTzPyi3jHQLMzAyiRvUWsJ6chKwUzPcmcsLH2edFqgBFoft6MK1+T A6w9bwMrwPh48VjAzvLxyR78O0dmdySt0Ar66Wu3LdoH1fNAnaHr4xYKgt4v7GZB4liU 7+tDp1T/Ifi+1/vIGtEfSnkwxjysBIR9tymXE0RP1dFZPoYi2n6MnOSqj1BZjWFo2SUA OMGcv8TpCl+XsYHg6EzFyT4ZepADtVbxcO2Iuy5Gqm+Iw4rjridnHHsni0ApiUGbsKLL yo3LdTVcRRVHm4rM5MpDEeTviDNUW6VkBVijg4uET6X33oW/J7s8xN2Tkx3IO6+Ol4Ai 8wYg==
- Arc-seal: i=1; a=rsa-sha256; t=1505242776; cv=none; d=google.com; s=arc-20160816; b=cKpnCBVWTFQnvdYwf10DYTRWXznehjKYAIN7Of9KJR43AzRsZf/RwpNPSCGq7BCzEp UPdIT6obd/mDqr2uirnJH3vhdEVtrm2r/cIeoumBseq7jf7DWKa2tJ3s9b+Z/uMvBI4R PbBAZd1RmkC2gz6Gwt5HJKmuCBqDxQ3bf8Wg3v+AcFIc3X6e6UqP2flr01GP/hN8NlLS Uay/QxHvYaZC/dbUyMHKy8NGF5Kp1Xmpdz5zvUfHRhA6KzBbvma3CvM1r3jhFRkIglxg BDumewHTeXvlMsWm5mRRog+gCkLreJcM1cuz6bMCFvNd/rbb7vTnn4cjB/sZ10wUSTky RpEg==
- List-archive: <http://www.metzdowd.com/pipermail/cryptography/>
- Sender: "cryptography" <cryptography-bounces+ben=bentasker.co.uk AT metzdowd.com>
- To: cryptography AT metzdowd.com
Hello. Equifax was pwned, and I'm sure you all already are aware.
It make syou wonder, however, why a single 9-digit number is capable of such
destruction. Why is your identity 9 digits long?
Sure, there are birth certificates as well, but the social security number is
quite a strange phenomenon.
So, here's a challenge for you guys if you're interested: Replace the social
security number as a means of identification, and do it in such a way that
meets some basic criteria.
-It has to not be completely objectionable and possibly evil (ie, a universal
identification card or microchipping or requiring blood to be drawn, people
-It has to be relatively unforgable, or as unforgable as you can figure out
how to make it
-It has to be suitable for not just applying for Social Security benefits, but
also for applying for loans, mortgages, etc.
I really enjoyed reading the "Have I Been Pwned" discussion that is being had
on this list. Hopefully this will also be an interesting conversation.
The cryptography mailing list
cryptography AT metzdowd.com