It sounds like a great system. Let’s hope that it’s designed and implemented to a high standard, because systems like this one have no margin for error. Even when bad implementation leads to errors that aren’t serious, as with the UK Passport Office, it can have a very bad impact on confidence. Look at the impact of yesterday’s HMRC failure: no data was lost or compromised, yet public faith in government ID has been seriously undermined.
Of course, when bad implementation or an incomplete understanding of PKI leads to errors that are that serious, the results can be disastrous. India has a PKI-based digital signature system managed through digital certificates issued by licensed CAs. The CAs are authenticated by the Controller of Certifying Authorities (CCA), which is the root certifying authority in India. Every digital certificate owner therefore needs to download the digital certificate of the issuing CA as well as the digital certificate of the Controller when installing or verifying an end-user certificate on their system. In October 2007, this CCA site (which is supposed to be available 24/7) went down. This meant that no one could authenticate certificate chains. I’ve no idea how much this actually cost businesses, but in a future society where all sorts of transactions are conducted digitally and demand authentication, this kind of centralised solution is an obvious weakness. Surely an intelligent terrorist would want to cripple this kind of root rather than waste time blowing up the odd building here and there.
Still, I’m sure it’s now well understood that building a large identity management system with a single central point-of-failure is, essentially, designing-in failure.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public.