but in the financial case ... you don't have to identify them (aka their DNA) ... you just match them and the account. absolutely no identity needed. If i deposit a large sum of money and want to be the only person authorized to transact on the account ... there is no need to present identity cards at all (fake or otherwise). Supposedly, swiss bank accounts have worked that way in the past .... totally authenticated transactions, absolutely no identity. There are misc. other issue related to govs. wanting valid identities involved ... but they are extraneous to the issue of authenticating that the entity attempting to transact on the account is actually the entity authorized to transact on the account. There can be a extremely high level of confidence in an authentication system as to the entity attepting a transaction is the entity authorized to do a transaction and absolutely no identity information need to be involved. Identity information may come into play with regard to financial accounts .... but they can be totally extraneous to authenticating valid transactions.
In fact, one of the issues with regard to "relying-party-only" certificates (mentioned in previous post) was 1) institutions not wanting to take 3rd party liability and 2) all identity information was totally eliminated from the certificate ... leaving just the account number. This was specifically because it was an invasion of privacy that extraneous parties (like merchants) that the transaction might pass thru (and its end-to-end route) might examine the information; besides the identity information being totally extraneous and superfulous. That is a separate issue from also being able to show that just attaching such a credential was unnecessary, superfulous, redundant and extraneous (futhermore a credential that doesn't exist is even more private than a credential that has had all the interesting information removed). [EMAIL PROTECTED] on 11/05/2001 11:15 AM wrote: The real trick is identifying the person the first time. The person is a stranger and the person trying to identify them couldn't tell a fake ID from a real one. John --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]