Difference between revisions of "Expiry"

From MgmtWiki
Jump to: navigation, search
(State Issued IDs)
(State Issued IDs)
Line 21: Line 21:
 
The following [[Expiry]] dates and events can apply to a driver's license. Complications arise because the license card is also used as an ID card.
 
The following [[Expiry]] dates and events can apply to a driver's license. Complications arise because the license card is also used as an ID card.
 
# Driving with an expired license is a crime, but any judge can revoke a license at any time. That order can likewise be removed.
 
# Driving with an expired license is a crime, but any judge can revoke a license at any time. That order can likewise be removed.
# When a new license is issued, the old one typically has a hole punched in the card, a receipt for the new card is printed and the new card is mailed to the licensee.
+
# When a new license is issued, the old one typically has a hole punched in the card, a receipt for the new card is printed and the new card is mailed to the licensee. Now the card is revoked for driving, but is explicitly still valid for ID, although that may, or may not, be honored by a verifier.
 +
For a Digital Driver's License thing get even more complex. Note in particular that the license is a grant of a right to use the public roads. Calling the card a license is conflating the idea of license to drive with a card expressing that license.
 +
# The Issuer of the license has a certificate with a finite expiry date.
 +
# The "mDL" is represented as a bag of bits which is typically called an mdoc and which has an [[Expiry]] data which may be significantly shorter than the license.
 +
# When the mdoc [[Expiry]] date triggers, it is not the mDL that expires, but the mdoc.
 +
# The value of the expired mdoc after [[Expiry]] for identification is not clear at this point.
 +
# Recall that the license ID number is based on the mDL, not on the mdoc. So the mdoc is what is evaluated, but the mDL is what is a legal right to drive and most states continue to require a physical card to be present when driving.
  
 
==References==
 
==References==
  
 
[[Category: Certificate]]
 
[[Category: Certificate]]

Revision as of 16:25, 21 June 2022

Full Title or Meme

Certificates and Credentials typically include an Expiry date-time or event, such as "on first use".


Context

  • Many digital documents include a start data and an Expiry date.
  • Many digital documents include a nonce or serial number which typically is used to ensure that the document is only processed on time, and then expires.

Problems

Expiry can be devilishly difficult to determine.

  • Typically, a Certificate will expire on a give data and time, which seems very clear.
  • When a key with a certificate is used to sign a document, should the data of validation or the date of signing be operative?
  • License plates for vehicles expire every year, primarily to ensure that access taxes are collectable.

State Issued IDs

Four kinds of Identity documents are considered here among the many issued by states all over the world.

  1. Passports seem to be the simplest in that they have an Expiry date but cannot be used for travel starting up to 6 months before that date and are eligible for renewal up to 12 months after the expiry date.
  2. Social Insurance cards typically have no expiry data other than death.
  3. EID or electronic smart cards issued to state residents.
  4. Driver's Licenses started out with a simple expiry date used to assure person was still qualified and able to pay.

The following Expiry dates and events can apply to a driver's license. Complications arise because the license card is also used as an ID card.

  1. Driving with an expired license is a crime, but any judge can revoke a license at any time. That order can likewise be removed.
  2. When a new license is issued, the old one typically has a hole punched in the card, a receipt for the new card is printed and the new card is mailed to the licensee. Now the card is revoked for driving, but is explicitly still valid for ID, although that may, or may not, be honored by a verifier.

For a Digital Driver's License thing get even more complex. Note in particular that the license is a grant of a right to use the public roads. Calling the card a license is conflating the idea of license to drive with a card expressing that license.

  1. The Issuer of the license has a certificate with a finite expiry date.
  2. The "mDL" is represented as a bag of bits which is typically called an mdoc and which has an Expiry data which may be significantly shorter than the license.
  3. When the mdoc Expiry date triggers, it is not the mDL that expires, but the mdoc.
  4. The value of the expired mdoc after Expiry for identification is not clear at this point.
  5. Recall that the license ID number is based on the mDL, not on the mdoc. So the mdoc is what is evaluated, but the mDL is what is a legal right to drive and most states continue to require a physical card to be present when driving.

References