Gov’t IS the solution to ID – Change my mind

From IIW

Government IS the Solution to ID – Change My Mind!


Tuesday 4C

Convener: Michael J. Rodriguez, Mitre, mjrodriguez@mitre.org

Notes-taker(s): Scott Mace


Tags for the session - technology discussed/ideas considered:


Government credentials, public vs. private


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


Mike from Mitre. Government is the solution to identity. Change my mind.


Work with the identity access section of the air force


Trying to move to mobile and off of identity access card.


Government doesn’t like any of the solutions available.


Instead of the government have vendors provide ID for us, why doesn’t government just start providing our digital identity? We all get birth certificates. We get drivers licenses and passports. A national PKI. A base identification you could leverage for any org or service, banks, schools, etc.


When you die, the government finds out about it. Maybe at that point they can revoke your identity. It makes sense government should manage it. They’re already in this space whether you like it or not.


Jack: I’ve been working in the government ID space for many non-U.S. governments. It’s a pretty good ID provider. They know a lot about us. The ID proof they can issue about us and the legal framework. They do digital ID. Your passport is a digital ID. It’s interoperable. Everybody can read it and use it as a formal proof of who you are. The question is how do we go one step forward and use it in every day life. Could be for identity access management, registering on a web site, opening a bank account.


Which countries in particular?


Quite a lot. India, Hong Kong, Macau, Philippines, Thailand, France, Spain, Germany, Italy. Considered Fido & OpenID, but no clear trend.


Q: All 200 governments working together?


Mike: Starting from a state level. Texas PKI, everybody born in Texas gets a public & private pair. Share trust among the CAs.


Q: Governments do claims, component parts of identity. Should be a way of claiming my digital passport. That way, every government can give you a claim, put the onus on the verifiers, not on the givers.


Mike: The infrastructure is there.


Q: Need some form of standardized verification – i.e. biometric.


Q: Government is both an issuer and a verifier.


Q: One criticism is government doing it is expensive.


Q: One criticism: government solutions can’t keep up with industry solutions. Government doesn’t always know where to start.


Q: The only thing government has to do is choose one of the methods to distribute claims. If they get it wrong, they can switch that out.


Q: DHS facial recognition to open an airline gate, within 5 seconds. Never provided a prior picture to JetBlue. That genie is out of the bottle, using biometrics.


Q: Identity should be a relationship to multiple sources.


Q: Issue of asylum seekers.


Mike: Soldiers scanning irises in Afghanistan.


Kaliya: They already have that. You’re mixing domains up. I wrote my Master’s thesis, the domains of identity. Government identity is foundational. It becomes the thing a whole set of other institutions acquire. Such as opening a bank account. What’s critical, I just spent 2 months in India, when you use the national ID, it phones home to the Indian government and tells you everywhere you use it. Very different than SSI architecture where they have no business knowing where you use it. A difference between an authentication service and an identity provider. Identity is different than our ongoing use of it.


Q: Who is to say 100 years from now we in the U.S. won’t be the refugees?