[LINK] Thinking about security

[Darryl (Dassa) Lynch]

link-bounces at anumail0.anu.edu.au <> wrote:
|| At 10:01 PM 19/08/2006, Darryl (Dassa) Lynch wrote:
|||  It may be beneficial to the end user to be fully aware of all the
||| implications and to make their own choices.
||| 
||| Are we being arrogant in assuming we know best?
|| 
|| I'll extend this question, if you don't mind, Dassa. I'm on
|| a panel for the ENUM trials and raised this question. They
|| are requiring that registrants for enum service provide
|| identity authentication via a stat dec of copies of
|| documents the same as those required for prepaid mobiles. My
|| concern is that the registrars will then be handed highly
|| authentic user identity information in paper form
|| accompanied by the witnessed stat dec. Are agencies that
|| normally work with electronic data security sufficiently up
|| to the task of securing paper documents any more?

They are most likely better than most at maintaining security.  It should be
something they are used to and can adopt to easily.

|| If doctors who live in an ethos of confidentiality can't
|| even dispose of their patient records properly consistently,
|| then why would I trust a faceless telecommunications company
|| with my documents and sending them through the post as well?
||  What do linkers think about this? Am I being too paranoid?

A great deal depends on trust also, I don't trust many organisation that were
traditionally paper based to handle security correctly.  It is something they
aren't used to.

|| and do you think the person in the street would go to the
|| trouble of getting a stat dec of this information in order
|| to get enum capabilities?

Getting people to do anything outside of their normal activities is difficult.
The want will have to be fairly high.

Darryl (Dassa) Lynch