A better approach to security

[Jim Cheetham <jim AT inode.co.nz>]

On 11/04/11 08:35, Benedikt Heintel wrote:
> A friend of mine is Indonesian and she has two names with none of them
> is a family name. All her siblings have two totally different names. Her
> father has only one single name. If they want to open up a CAcert
> account [1], they won't be able, since you need to key in a first and a
> family name.

It sounds like it is the web form that is incorrect, for forcing an
arbitrary split in the name.
AP 2.1 http://www.cacert.org/policy/AssurancePolicy.php#2.1 does not
describe names as being split into multiple sections.

Placeholder values might be a solution, but the literal "LNU - Last Name
Unknown" is inaccurate because the 'last name' is not unknown. Well,
actually as there is only one "name", both the First and Last must be
the same :-)

So the case of "Suri" entering "Suri Suri" is defensible, but it would
not be possible to match this with official documentation.

I also know of at least one person who has a single element to his Name,
and this is what appears on his passport.

I think that the web interface should be recording a single input field
for "Name". This is probably a very large-scale change.

-jim