Educause Security Discussion mailing list archives

Re: Identifiers on ID Cards

From: "David L. Wasley" <dlwasley () EARTHLINK NET>
Date: Fri, 16 Dec 2005 11:44:09 -0800

Well, if you're going to reissue a credential with the same
identifier, you will require some way to invalidate the prior, stolen
credential.  PKI offers that function but it also requires some
infrastructure to support checking.  :-/

When I was working on this, I felt that no identifier issued for
another purpose should be used, e.g. SSN or student ID or email
address.  It creates an interdependency between two functions that
could cause problems if it is necessary to change the binding between
that identifier and the physical person.  Instead, I proposed "a
unique (integer or string) identifier that would link to a database
entry for the subject and never be re-issued to a different physical
person."  That identifier need never change unless it becomes
compromised.  Meanwhile, every other piece of information about the
subject could change and the credential would still be valid.

If the identifier were to become compromised, e.g. the credential
containing it was stolen or lost, a new identifier could be created
for that physical person, pointing to the same data, and a new
credential issued.  (Of course, with PKI one could simply invalidate
the old credential and reissue one with the same identifier ;-) )

        David

-----
At 9:19 AM -0800 on 12/16/05, Karen Eft wrote:

Dave,
I'm not aware of existing policy here on this point, but I really like your
suggested principle of "encoding with an identifier that is re-issuable".

If I confirm that this is not already included in our policy/guidelines
somewhere, I'm going to see about adding it.
--Karen

On Dec 15, 2005, at 11:46 AM, Dave Huth wrote:

I'm wanting to learn more about best practices associated with what
type of identifiers to encode on ID Cards.  There doesn't seem to
be anything in the list archives on this subject - does anyone have
any good references.

The types of questions surround the apporpriate type of identifier
to encode.  For instance is it a wise move to encode things like
Student/Employee ID, Login ID, and those types of identifiers that
are very difficult to change/re-issue; or should the Card be encoded
with an identifier that is re-issueable if the card is lost/stolen
and let a directory link that identifier with an individuals
collection of identity data?

Thanks,

Dave Huth
University of Utah

======================================================
  Karen E. Eft   Information Technology Policy Manager
  UC Berkeley (510)642-4095 http://itpolicy.berkeley.edu
 ======================================================

Current thread:

Identifiers on ID Cards Dave Huth (Dec 15)
- <Possible follow-ups>
- Re: Identifiers on ID Cards Karen Eft (Dec 16)
- Re: Identifiers on ID Cards David L. Wasley (Dec 16)
- Re: Identifiers on ID Cards Gary Dobbins (Dec 16)
- Re: Identifiers on ID Cards jack suess (Dec 17)