Policy-Discussion

[Sven Anderson <sven AT anderson.de>]

Duane wrote:
> Sven Anderson wrote:
>
> > Still don't see the causal nexus here. Why does the entity have to be more
> > unique than all the certificates, that will ever identify it. Or are there
> > certificates with date of birth planned?
>
> What would be the point in that?
>
> So you have a certificate and they did "bad things", now what, you don't 
> know a name, you don't know anything else about them other then they 
> have a certificate with fake information in it.

I'm not asking if it would be useful to have certificates with DoB. It's 
just the only reason I can imagine, why there is a need to collect the DoB.

As you realised before, many people are interested in this kind of data, and 
you stated that you want to make sure, that these people will never get that 
data. Well, the only way, to make sure you are never knowingly or 
unknowingly give out the data is: don't store it.

If you _really_ need data like DoB for uniqueness (but I really don't see 
that), you can use hash values based on combinations like name, DoB and 
email address for instance, that's just as unique but you don't need to 
store the original data.


Cheers,

Sven