zlacker

[return to "I read the federal government’s Zero-Trust Memo so you don’t have to"]
1. tims33+rD[view] [source] 2022-01-27 18:06:29
>>EthanH+(OP)
Really pleasantly surprised at how progressive this memo is. It will be interesting to see the timelines put in place to make the transition.

Btw - I'd love to see the people who put this memo together re-evaluate the ID.me system they're implementing for citizens given how poor the identity verification is.

◧◩
2. YeBanK+1B1[view] [source] 2022-01-27 22:08:58
>>tims33+rD
I have an issue with using ID.me for government websites, because it is a privately owned company. Online authentication at this point seems as important as USPS service and warrants being owned and developed by the government itself.
◧◩◪
3. dmd+y22[view] [source] 2022-01-28 00:44:06
>>YeBanK+1B1
They even HAVE this already, at https://login.gov/ !
◧◩◪◨
4. tialar+Y62[view] [source] 2022-01-28 01:17:18
>>dmd+y22
I have a login.gov account. Needless to say I'm not a US citizen, and the IRS should not cut me a refund check.

ID.me supports WebAuthn (or maybe U2F? In this context it doesn't matter) but importantly it does identity verification so it can determine whether I am a US citizen, whether I'm a tax payer, and if so which one.

Now, perhaps the US Federal Government should own the capability to do that instead of a private company. But, so far as I can tell, they do not and login.gov is not such a thing.

[go to top]