acceptable documentation

["Eric Lawton" <Eric.Lawton@xxxxxxxxxxxxx>]

As a new subscriber, I'm not aware if this subject has been discussed already.  I searched the archives, but was not able to find a relevant thread.

I'm wondering if there's support, on the basis of experience or formal policy, for our proposed requirement for authenticating LRA's to have the individual produce two pieces of ID from a list of primary identification and one item of ID from a secondary list.

On the primary list, GO-PKI will accept a Driver's license, passport, certificate of citizenship or Naturalization, Indian Status Band Card, or another document of identity issued by a government minitry or agency with a vigorous registration process or security clearance process.  (Note: birth certificates are not in this list)

On the secondary list, we will accept: bank account statements, ATM cards showing the subscriber's full name and signature, credit cards showing name and sig, accounts showing name and address, insurance renewal documents showing the same address as the subscribers application,marriage certificate issued by a government ministry or agency.

I'm hearing about resistance to the 2 primary ID requirement and a preference to go with 1 primary and 1 secondary due to the hassle of finding 2 pieces of ID.  Any comments or pointers to other jurisdictions' CPs that I can use as support?

I should also mention that the prospective LRA would also be put through an Enhanced Reliability Check which must include a finger print check and credit check prior to undertaking their LRA role.

Any comments would be appreciated.

Eric Lawton
PKI Security Advisor
iSERV ONTARIO