every situation involving long-distance authentication is going to involve some kind of suite of documents. the problem with both systems is that there's a single document that, if compromised, makes identity recovery a pain.
i think we need to take a page from the error correction community and start finding ways to build in smart redundancy. it seems like the priority should be on minimizing the damage that can be done in the worst case by any one document being compromised, and to do this in a way that doesn't increase the risk of document security violations occurring.
that is, i like the fact that when any one form of identification has been compromised, i can still assert my identity relatively easily by bringing all the others to bear against it. your system, as originally described, seems to have less of this kind of redundancy than the current system (except of course for the higher-cost restart/nuclear option), and this makes me jumpy.
no subject
i think we need to take a page from the error correction community and start finding ways to build in smart redundancy. it seems like the priority should be on minimizing the damage that can be done in the worst case by any one document being compromised, and to do this in a way that doesn't increase the risk of document security violations occurring.
that is, i like the fact that when any one form of identification has been compromised, i can still assert my identity relatively easily by bringing all the others to bear against it. your system, as originally described, seems to have less of this kind of redundancy than the current system (except of course for the higher-cost restart/nuclear option), and this makes me jumpy.