1997-01-03 - Re: Internal Passports

Header Data

From: Bill Frantz <frantz@netcom.com>
To: “Timothy C. May” <cypherpunks@toad.com
Message Hash: 37e8b64ea173b1bf8311934e20828c249dc42aaabe91f4f5ecbc49b1cbe07fdb
Message ID: <v03007800aef2f057bb42@[]>
Reply To: <v0300780caeefb53f8b00@[]>
UTC Datetime: 1997-01-03 17:34:41 UTC
Raw Date: Fri, 3 Jan 1997 09:34:41 -0800 (PST)

Raw message

From: Bill Frantz <frantz@netcom.com>
Date: Fri, 3 Jan 1997 09:34:41 -0800 (PST)
To: "Timothy C. May" <cypherpunks@toad.com
Subject: Re: Internal Passports
In-Reply-To: <v0300780caeefb53f8b00@[]>
Message-ID: <v03007800aef2f057bb42@[]>
MIME-Version: 1.0
Content-Type: text/plain

At 7:32 PM -0800 1/2/97, Timothy C. May wrote:
>At 10:35 PM -0800 12/31/96, Bill Frantz wrote:
>>At 11:02 AM -0800 12/31/96, Timothy C. May wrote:
>>>There have been several reports cited here recently about changes in the SS
>>>laws to make the SS number more of an ID number. ...
>>>And concerns about "identity theft" when such a simple thing as an SS
>>>number is the key to so many records, rights, etc.
>>I don't see how you can have the SS number be both a public ID number and a
>>secret password.  Perhaps you could have it be one, but not both.  It seems
>>to me that parts of our society are trying have it be a password and parts
>>a public ID number.  (Perhaps the same parts?)  Doing both just won't work.
>>(Using SS as a password is subject to all the stealing and replay attacks
>>that make passwords a really bad idea for secure identification.)
>I never made such a claim, that SS numbers are any kind of secret key or

Sorry for the confusion.  The "you" was meant in its plural form, and
probably should be replaced with "one".  If I understand your position
correctly, you would prefer to have no SS numbers (or Social Security

>The phrase "identity theft," not coined by me, is a recent term of art
>involving the ease with which those with access to a person's SS number can
>then acquire credit cards, etc.

Sounds like the SS number is acting as a password which gives access to
privileges.  Or perhaps just a key which allows you to look up tokens in
public databases, which give access to privileges.  Either way, it needs to
be kept secret which is at odds with it acting as public person-ID number.

Bill Frantz       | Client in California, POP3 | Periwinkle -- Consulting
(408)356-8506     | in Pittsburgh, Packets in  | 16345 Englewood Ave.
frantz@netcom.com | Pakistan. - me             | Los Gatos, CA 95032, USA