-
Presumably this is the simplified version and there’s a security professional who truly understands the nature of multi-factor authentication behind this development. Two things I expected to see mentioned and didn’t: open standards (it would be a massive mistake to select a proprietary approach) and national identity cards.
-
A helpful SEO spammer used text from this paper in a comment on my blog and drew my attention to it. Very interesting explanation of why control detracts from community. Remember, trade control for influence!
Filed under: Links |
Wild Webmink 
The NSTIC full doc is linked at the front page: http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf
The standards requirements are enable interoperability. Openness is desirable, but it would be as bad a mistake to exclude closed standards as to exclude open ones (as doing so would exclude entire classes of identification system). Note that there is no expectation of a single standard; it is expected that multiple standards will be in use as the strategy aims to include participation by any system that can usefully function as an identity system.
National identity cards would clearly be a usable identity system in those jurisdictions which (a) have them and (b) have the means for them to participate in online transactions; the same is true for any other card system (credit cards, phone SIMs, …).