[Cryptography] After Equifax pwning, what is the best means for replacing the SSN?
John Levine
johnl at iecc.com
Wed Sep 13 21:53:45 EDT 2017
In article <CAPYK2_wvKTAiPA6qVKaz2Dy=OGHFE1HMDkNxskCDvkj0j7hc_g at mail.gmail.com> you write:
>> Universal ID cards are not objectionable to most people; again,
>> driver's licenses basically act as this in practice. Passports are
>> also commonly used for this purpose.
>>
>
>An important difference between drivers licenses / passports and SSNs is
>that the former are reasonably tamper-resistant and are multi-factor
>authentication (photo and signature), making them much better for ID
>purposes than SSNs.
Don't confuse the SSN which is a number with a driver's license or
passport which is a physical token. My DL and passport each have a
nine digit number which would be just as lousy a global ID as the SSN
is.
R's,
John
PS: Yes, I know they send you a social security card, but it's just a
piece of cardboard with your name and number.
More information about the cryptography
mailing list