> <i>When every child is born we give them a domain name.</i><p>Wait a second. <i>Who</i> gives them the domain name? The government? Your company? And does it last until you die?<p>As the blog post mentions, many countries have been issuing ID numbers to every citizen for decades. So it would be extremely simple to give each citizen a unique domain of the format id_number.ccTLD or similar. But why don't we do it? Because security and privacy.<p>For example, South Korea issues unique 13-digit IDs to citizens and long-time residents. For decades, these ID numbers have been <i>the</i> preferred way to identify people in every public and private setting. They are assigned at birth, unchangeable during a lifetime, and never reused after death, so it's easy to see why they would be ideal for unique identification. But recently, a law was passed that banned most online services from using these ID numbers to identify members, because there have been a number of high-profile breaches where tens of millions of ID numbers were leaked. But it's too late! South Korean ID numbers are a dime a dozen in every black market around the world, and it is estimated that every citizen who has ever signed up for an online service has had their ID number leaked multiple times already. A group of affected individuals recently petitioned to have their ID numbers changed, but were refused. (The SK government only allows your ID to be changed if there is reason to believe that NK is trying to kill you.) The case is currently at the Constitutional Court awaiting a final decision.<p>> <i>We Have Too Many IDs ... 
Nowadays we commonly have a driving licence, passport, tax related number, electoral roll number, a personal domain, email, phone numbers and probably others depending on the country you live in.</i><p>The difference between your national ID number (if your country has one) and your passport number is that the former is a serial number for yourself, whereas the latter is a serial number for the passport. When your passport expires and you get a new one, your new passport has a new serial number, because it's a different physical object. If your passport is stolen, they only blacklist the passport, not your ID number. Since there is a one-to-many relationship between people and passports, it makes sense to store them in two different tables with different primary keys.<p>Your phone number can be easily changed, and this is a good thing because thousands of people are stalked by abusive ex-partners every year. If your phone number were irrevocably tied to your person, it would be a lot more difficult to prevent your ex-husband from finding you. Ditto for e-mail and physical addresses.<p>Even your name is not an immutable identifier. If you used to be john.smith.ccTLD but now you're mary.jones.ccTLD because you changed your sex and your parents disowned you, now you have to notify everyone about the change. In addition, many cultures have complicated rules about changing your name when you get married, and it's not always as straightforward as "wife assumes husband's last name". Sometimes you're given a ghetto name that sounds like "dumbass" in your second language and you need to change it before you enter a respectable profession. etc. etc.<p>For this and similar reasons, I am <i>prima facie</i> unenthusiastic about any identification code that lasts a lifetime. Unless the code is never meant to be disclosed to third parties, like a GPG private key. 
But even GPG keys can be revoked at will, and this is considered a critical security measure.<p>> <i>Putting everything online could quite possibly lead to the greatest security breach of all time.</i><p>That disclaimer was supposed to be at the TOP of your blog post, not at the bottom. When we're talking about identification methods that last a lifetime and are difficult to change, security should come first and foremost.