Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If you can't implement it securely then perhaps such an undertaking wasn't a good idea? In the vast majority of cases I don't see why PII ever needs to be available over the network for remote queries. For the purpose of verification isn't it sufficient to verify hashes or better yet to attest via smartcard?


You can, they didn't; big difference.


By "can't" I mean "not capable" or "not going to in practice".




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: