1996-10-18 - Identity is Just Another Credential…

Header Data

From: “Timothy C. May” <tcmay@got.net>
To: cypherpunks@toad.com
Message Hash: 0e498e553ec597bbc37d0f804cedf1523f0efc9537503dc47e674c84c79b763d
Message ID: <v03007802ae8d7b9f42be@[207.167.93.63]>
Reply To: <199610181520.IAA05554@crypt>
UTC Datetime: 1996-10-18 17:23:17 UTC
Raw Date: Fri, 18 Oct 1996 10:23:17 -0700 (PDT)

Raw message

From: "Timothy C. May" <tcmay@got.net>
Date: Fri, 18 Oct 1996 10:23:17 -0700 (PDT)
To: cypherpunks@toad.com
Subject: Identity is Just Another Credential...
In-Reply-To: <199610181520.IAA05554@crypt>
Message-ID: <v03007802ae8d7b9f42be@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain


At 8:20 AM -0700 10/18/96, Hal Finney wrote:

>Somehow too it is hard to see how to sell a system as a privacy enhancement
>when its first step is to take fingerprints of the whole country.  "But
>we're not saving your names, honest!"  I don't know if it would fly.
>
>Tim May argues that alternative solutions which are more local will be
>better.  In the case of the abuse situation, maybe you could just have
...

Indeed, I believe "identity is just another credential," not necessarily
very important. I sometimes exaggerate this point a bit by saying, "Your
key is your identity." Carl Ellison made a similar point, yesterday.

(By "identity" I mean the popular notion of unique, biometric, True Name
identity. Other forms of identity exist as well, such as usernames (bound
to passwords), phone numbers, corporate names, etc.)

Identity--the True Name sort--is sometimes useful, but is often given
exaggerated importance.

For example, I've met "Hal Finney," but, for all I know, he's as fictional
a person as "Lucky Green" is. In fact, it was not until fairly recently
that I even learned "Lucky Green" is not his True Name...I had assumed the
"Lucky" part  was a nickname, of course, but that the "Green" part was
real. I  had no reason to suspect otherwise, no need to demand proof of his
True Name (such as things are here in the U.S.), etc.

The "is-a-person" debate is one we should be careful to consider the real
issues for. As Hal (or whomever he is) notes, starting with a comprehensive
data base of True Names, fingerprints, etc., and binding them to
is-a-person credentials is potentially very dangerous.

(And from a libertarian/anarchist point of view, I don't want to pay for
such a Big Brother infrastructure, nor do I think it gets at the real
issues. If identity is just another credential, and the exchange of
credentials is based on mutually agreed-upon arrangements, then mandating
an identity credential is a Bad Thing.)


--Tim May

"The government announcement is disastrous," said Jim Bidzos,.."We warned IBM
that the National Security Agency would try to twist their technology."
[NYT, 1996-10-02]
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."









Thread