alt Hacker NewsThe point of a system like this is specifically that it’s accessible and not air gapped.
Being able to validate that a citizen is a citizen and their ID is valid inherently requires the system be accessible
The point of a system like this is specifically that it’s accessible and not air gapped.
Being able to validate that a citizen is a citizen and their ID is valid inherently requires the system be accessible
If you can't implement it securely then perhaps such an undertaking wasn't a good idea? In the vast majority of cases I don't see why PII ever needs to be available over the network for remote queries. For the purpose of verification isn't it sufficient to verify hashes or better yet to attest via smartcard?