[Psml] PIN Codes
T.W. Cook
tw at twcook.com
Sun Apr 26 19:12:38 EDT 2009
John, you've explained the mechanics of this, but not the reason behind it.
Have we actually had a problem with people impersonating USPS members and
somehow causing problems by accessing the private areas of the site or
"stealing" information? This seems like a lot of complication for what I
perceive as very little, if any, benefit - why is it that what we have,
while not exactly ironclad, isn't secure enough? You hint at being able to
create web services that require absolute authentication - what sort of
things are being contemplated? I cannot envision anything that would really
require more security than the previous simple certificate number and zip
code - but perhaps I am missing something. This whole thing would be more
palatable to all if there were some clearly understood benefit that it
enabled.
Regards,
T.W. Cook
More information about the PSML
mailing list