LPI will be maintaining a database with information on people who took
one or more exams.  It will be needed to administer the certification
status of the candidates, and also to monitor the quality of the exams.
It is our intention to take good care of privacy issues so that in 
principle personal information will not be disclosed without consent.
There are however some specific details that we would like to hear your
opinion and thoughts on.

  It is our intention to make a public register where anybody can verify
the certification status of an individual.


(* 1 *)
  Do we make it a policy that for all people who took one or more
exams, the certification status can be polled anyway ? (i.e., we won't
tell that he failed the L.II exams 5 times, but just that he has an LPIC-1
certification since date so-and-so).
  Or do we make it a policy not to disclose this information unless the
candidate made explicit that he wants to participate in this service?


  The other major issue is, what do we use as a unique personal
identifier?  There are several options:

A) full names
+ personal
- probably not unique
- variant spelling

B) social security code
+ personal and unambiguous, but:
- different format in different countries
- maybe not unique (the same number for different persons in different
countries)
- illegal to use by a non-government agency in some countries (e.g.
Canada)

C) generated unique ID (number)
+ unique, unambiguous
- semi-secret (what is the ID of a certain person?)
- not personal: people may claim an ID that isn't theirs but they know
it has a high level of certification; how can an outsider check the fraud?
- easy to poll for the certification status of all candidates (by
polling all possible ID's) instead of just an individual.


  The typical use for the certification-verification service would be that
a prospective employer can check the certification status of a candidate.


(* 2a *)
  Do we want the employer to be able to do that independent of the
candidate, i.e. he is able to guess or obtain the ID used in our database?
  Or do we require active participation by the candidate, who would need
to disclose his semi-secret ID?
  The answer to this question determines the type of ID we can use.


  We want the prospective employer also to be able to verify that the
status actually belongs to that person, so a name should probably be used
in the procedure.

(* 2b *)
  Do we require the name as part of the input data for the 
certification-verification service ? (if a valid answer is returned, the
name matched the rest of the ID); it is easy to make errors in names
however.
  Or do we return the name with the certification status ? (so he can
check that the ID belonged to the candidate): this may be vulnerable to
breach of privacy.

  Please send your ideas.

--
#>!$!%(@^%#%*(&(#@#*$^@^$##*#@&(%)@**$!(&!^(#((#&%!)%*@)(&$($$%(@#)&*!^$)^@*^@)

        Tom "thriving on chaos" Peters
                NL-1062 KD nr 149       tel.    31-204080204
                        Amsterdam       e-mail  [EMAIL PROTECTED]



________________________________________________________________________
This message was sent by the linux-cert mailing list. To unsubscribe:
echo unsubscribe | mail -s '' [EMAIL PROTECTED]
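
One way the options in the message above could be combined, as an added example that is not part of the original message: a random ID (option C) drawn from a space too large to poll, checked together with the name (question 2b, first variant) and answered only for candidates who opted in (question 1). The function names, the 80-bit ID length and the sample record are assumptions made for illustration.

```python
import hmac
import secrets
import unicodedata

# In-memory stand-in for the certification database (assumption).
REGISTER = {}

def new_candidate_id() -> str:
    """80 random bits as 20 hex digits: valid IDs are too sparse to find by polling."""
    return secrets.token_hex(10)

def normalize_name(name: str) -> str:
    """Fold accents, case, punctuation and spacing to tolerate variant spelling."""
    decomposed = unicodedata.normalize("NFKD", name)
    chars = [c if c.isalnum() else " "
             for c in decomposed if not unicodedata.combining(c)]
    return " ".join("".join(chars).casefold().split())

def enroll(name: str, level: str, since: str, opted_in: bool) -> str:
    """Store a candidate and return the semi-secret ID handed to them."""
    cid = new_candidate_id()
    REGISTER[cid] = {"name": normalize_name(name), "level": level,
                     "since": since, "opted_in": opted_in}
    return cid

def verify(candidate_id: str, claimed_name: str):
    """Return (level, since) only when ID and name match and consent was given.

    Unknown ID, wrong name and missing consent all return None, so a caller
    cannot tell which check failed, and the stored name is never sent back.
    """
    record = REGISTER.get(candidate_id)
    stored = record["name"] if record else ""
    name_ok = hmac.compare_digest(stored.encode(),
                                  normalize_name(claimed_name).encode())
    if record is None or not record["opted_in"] or not name_ok:
        return None
    return record["level"], record["since"]

if __name__ == "__main__":
    # Constructed sample candidate; name and date are invented.
    cid = enroll("José van der Berg", "LPIC-1", "2000-03-01", opted_in=True)
    print(verify(cid, "jose  VAN DER berg"))   # matches despite spelling variants
    print(verify(cid, "Someone Else"))         # name mismatch
    print(verify("0" * 20, "José van der Berg"))  # guessed ID
```
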
