If by "the previous way" you mean "knowing your social security number", then that's intentional. In its place it would put a battery of similarly weak questions, such as "what's your mother's maiden name" or the like, the kind of thing you set up in case you forget a password. I suppose "what are the last four digits of your SSN" could be among them, but it's a feature of this system that the SSN is not regarded as secure.
Similarly, I do want to deprecate the use of possession of documents without any corroborating recent biometrics, such as a social security card (no biometrics) or birth certificate (no current biometrics) as meaning anything. Thus photo ID such as a passport or driver's license, especially if it listed height/weight, would still play a very important role. You'd only need to visit a notary with witnesses if you'd lost all of that, to get a certificate of identity issued without any documents attesting to your identity (the witnesses would need ID). To register a key, you'd go somewhere that generates keys (notary, post office, bank, etc.) and get the key along with a receipt signed by the establishment attesting that they gave the key to someone who authenticated as you, in whatever manner you so authenticated.
It's true that authenticating as yourself on short notice if you are not present in person and have lost any relevant documents is going to be either difficult or provide very weak authentication. That's how it actually is — I'd prefer a system that doesn't paper over it and then make people jump through unfamiliar, punitive hoops on those occasions when it actually becomes an issue.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
branchandroot
(no subject)
Date: 2007-02-12 12:09 am (UTC)Similarly, I do want to deprecate the use of possession of documents without any corroborating recent biometrics, such as a social security card (no biometrics) or birth certificate (no current biometrics) as meaning anything. Thus photo ID such as a passport or driver's license, especially if it listed height/weight, would still play a very important role. You'd only need to visit a notary with witnesses if you'd lost all of that, to get a certificate of identity issued without any documents attesting to your identity (the witnesses would need ID). To register a key, you'd go somewhere that generates keys (notary, post office, bank, etc.) and get the key along with a receipt signed by the establishment attesting that they gave the key to someone who authenticated as you, in whatever manner you so authenticated.
It's true that authenticating as yourself on short notice if you are not present in person and have lost any relevant documents is going to be either difficult or provide very weak authentication. That's how it actually is — I'd prefer a system that doesn't paper over it and then make people jump through unfamiliar, punitive hoops on those occasions when it actually becomes an issue.