Idiots. My father used to repeat his favorite rule of life to me every time I said something stupid (which is still pretty often). "Put your mind into gear before your mouth into motion." As McNealy implied in my recent interview, if most people welcomed a rational discussion about the big difference between authentication in situations that demand it (such as boarding an airplane, renting a crop duster, or voting) and storing personal information in a database, national ID critics might not be so quick to vilify advocates of something a lot more bulletproof than what we have today.

What do we have today? A broken system.

For everyone who thinks that we'll suddenly become inconvenienced because we have to start presenting an ID everywhere we go, guess what? We're already supposed to present an ID almost everywhere we go. No one is proposing that we double or triple the number of situations where an ID is required. Ellison's and McNealy's propositions would close two giant holes that make today's systems useless.

First, a bulletproof ID for the public - one that cannot be forged and is safe from unauthorized use -- does not exist. Now, many organizations have implemented very good three-factor security for their own internal use. Three-factor security is based on what you know (a password), what you have (an ID card or other security token), and who you are (biometrics). Think of three-factor security as an ATM card that requires, in addition to a PIN code, a fingerprint. The digitized fingerprint isn't kept in a database. It's digitized and encrypted into the ID card, just like the PIN number.

Second, the current system's dependence on human beings to check IDs (and check them correctly) is absurd.

Any politician or person who tells you that today's public identification systems solve the problems they were intended to solve is a moron.

Enter Ellison and McNealy. The two men are proposing somewhat different approaches to solving the same problem. Ellison's approach, which civil libertarians miscategorize as a national ID, is nothing of the sort. What Ellison suggests is that we have a national standard for implementing IDs. Ellison doesn't care how many IDs you have to carry, or who issues them, as long as their authenticity is guaranteed. In fact, Ellison would probably love for there to be thousands of issuers. The more organizations that issue IDs, the more databases he'll probably sell. But, to guarantee the authenticity if those IDs, the national government needs to ratify a standard with which all issuers must comply.

One ID issuer best approach?
McNealy, who is rumored to be making some kind of national ID announcement at this week's Open World, doesn't have a master plan. (At least not one that he was prepared to divulge in my interview with him.) I asked McNealy how he thought the system should work. He said he hadn't really thought it through that much. Thinking out loud, he first talked about how there might be multiple issuers, but then settled on the idea that there probably should be one -- the U.S. government. His rationale was simple: If the specification that guaranteed each ID's authenticity changed for some reason (for instance, if encryption requirements changed), implementation of the new spec would be far simpler with one issuer.

What most concerns McNealy is that this good idea might be squashed for all the wrong reasons. His opponents argue that a national ID is a slippery slope toward Big Brother watching every one of us. McNealy refers to this as "building databases" and suggests that we don't change the way things are done today. For example, most of us (whether we know it or not) already have substantial databases built around our names or social security numbers. Airlines, ISPs, credit card companies, on-line merchants, and many other businesses are busy building profiles of us. The civil libertarians hate these databases. But what they hate even more is the idea that the government could use a national ID to connect these disparate databases in a way that could form a more complete profile. Indeed, a national identification standard would make it much easier to connect databases and build those profiles in minutes.

McNealy doesn't like the idea, comparing it to a federal wiretap. Laws preventing such wiretaps, he believes, need to stay in place or even be strengthened to deal with the digital age. Had a national ID specification been in place before September11, and had the courts issued "database tapping" orders swiftly enough, much more might have become known much sooner about the hijackers before some of the leads went cold.

Aside from the not-so-subtle differences in the their ultimate solutions (multiple issuers vs. one issuer), both Ellison and McNealy appear focused on the same problem: a bulletproof ID specification with no room for abuse and no way to deliberately or inadvertently shortcut the authentication process.

Provided that the specification requires three-factor security, the human element is removed because a biometric system stands in the way of any transaction that requires authentication, such as voting or boarding a plane. For merchants (electronic, bricks and mortar, or both), the same technology that guarantees the person sitting next to you on the plane is who they say they are could also be the one that prevents abuses like credit card fraud. Merchants almost always bear the cost of credit card fraud because the authentication process failed for some reason. With the right controls in place, the benefits of a national ID idea far outweigh the detriments.