This system hasn’t lasted ~90 years because they just throw someone in a chair and let them figure it out on the job.
Any reliable system, electro-mechanical or digital, needs thorough user training and checks.
The worry with this one is it’s a single authoritative record with no easy way to backup or replicate it. They say there are non-authoritative (at least legally) digital versions of most(?) of the records. I hope/assume they’re actually more consistent with that than the video makes it seem because those are the only feasible off-site backups they really have. If not one fire is all it would take to wipe out an entire countries SSA program.
This is a government office. A government should be able to build the technical knowledge required to keep a private signing key secure.
I do agree that individual-to-individual cryptography is more difficult, but how often do you need to check the authenticity of a document from a friend or acquaintance, digital or otherwise?
Well, a bank. A financial transaction. Health records. Not just email to your friends.
Government has the technical knowledge - heck many people here have that - but implementing a standard is a different problem, it’s a political problem. A pit full of vipers, in a sense. We’re unlikely to see standardized crypto signing anytime soon. At least IMO.
When used completely and properly. Which rarely, if ever, happens because it requires end-users to know how to use keys and keep them offline somehow.
This system hasn’t lasted ~90 years because they just throw someone in a chair and let them figure it out on the job.
Any reliable system, electro-mechanical or digital, needs thorough user training and checks.
The worry with this one is it’s a single authoritative record with no easy way to backup or replicate it. They say there are non-authoritative (at least legally) digital versions of most(?) of the records. I hope/assume they’re actually more consistent with that than the video makes it seem because those are the only feasible off-site backups they really have. If not one fire is all it would take to wipe out an entire countries SSA program.
This is a government office. A government should be able to build the technical knowledge required to keep a private signing key secure.
I do agree that individual-to-individual cryptography is more difficult, but how often do you need to check the authenticity of a document from a friend or acquaintance, digital or otherwise?
Well, a bank. A financial transaction. Health records. Not just email to your friends.
Government has the technical knowledge - heck many people here have that - but implementing a standard is a different problem, it’s a political problem. A pit full of vipers, in a sense. We’re unlikely to see standardized crypto signing anytime soon. At least IMO.