I read the federal government’s Zero-Trust Memo so you don’t have to

(www.bastionzero.com)

656 points EthanHeilman | 2 comments | 27 Jan 22 15:06 UTC | HN request time: 0.485s | source

Show context

adreamingsoul ◴[27 Jan 22 18:02 UTC] No.30103816[source]▶

Here in Norway we have BankID which uses MFA. To access any government, banking, or official system you have to authenticate with your BankID.

Its simple amazing.

replies(8): >>30103945 #>>30103980 #>>30104019 #>>30104025 #>>30104329 #>>30104701 #>>30104874 #>>30113601 #

jollybean ◴[27 Jan 22 19:06 UTC] No.30104701[source]▶

>>30103816 #

That's all good except for the 'bank' part.

It was expedient but banks are not the orgs. that should be running that.

Every nation needs to turn their Drivers ID and Passport authorities into 'Ministry of Identity' and issue fobs, passwords that can be used on the basis of some standard. Or something like that, maybe quasi distributed.

replies(2): >>30106218 #>>30109138 #

1. kelnos ◴[27 Jan 22 20:36 UTC] No.30106218[source]▶

>>30104701 #

I hear people say all the time that, in the US, the Postal Service would be great for this, and I can't help but agree. Sure, they'd have to develop in-house expertise around these sorts of security systems (just as any new federal government agency put in charge of this would have to do), which could be difficult. But they have the ability to distribute forms, documentation, and tokens to pretty much everyone in the US, with physical locations nearly everywhere that can be used to reach those who don't have physical addresses.

replies(1): >>30110236 #

2. thaeli ◴[28 Jan 22 03:00 UTC] No.30110236[source]▶

>>30106218 (TP) #

So does the Social Security Administration, and they already administer the closest thing to a national ID number we have..

↑