Hopefully some day we will get state-managed PKI, and citizens will get used to handling their keys appropriately.
It's crazy that some functionality on e.g. the IRS website requires me to verify my identity using a private company (ID.me).
Hopefully some day we will get state-managed PKI, and citizens will get used to handling their keys appropriately.
It's crazy that some functionality on e.g. the IRS website requires me to verify my identity using a private company (ID.me).
That also goes to the other extreme.
For all the faults of current Fediverse software implementations, it at least gives more options than nostr. If you don't care about controlling your own identity, you can use someone else's server. Nostr doesn't give you that, it's all or nothing.
No thank you. That last thing anyone should want is governments holding ownership over their private keys.
Private companies are bad enough, but at least they won't declare you an undesirable for your political beliefs or religion or ethnicity or gender identity or sexual preference or whatever and shoot you in the head over it.
Except where governments and private companies collaborate, which of course happens (looking at you literally every American social media platform.)
There's certainly a middle ground. I'd like to have A WAY to authenticate with the US government, other than an in-person ID check or a random private company.
It would be great if governments provided the option to authenticate with third party PKI. Having a public option would be nice as well. Identity management and verification is a core competency of government, after all.
> Hopefully some day we will get state-managed PKI, and citizens will get used to handling their keys appropriately.
Passports have had keys in them for a while now (so-called "e-passports")
These keys are intentionally not usable for non-repudiable signatures.
european IDs already have a chip with your personal keys and you can use that to log into any state operated service
Neither do all EU member states (in case you mean that by "European") issue ID cards, nor do the ones that do universally enable them for digital signatures.
Many EU countries have existing e-signature rails completely independent from physical ID cards, which only have to conform to ICAO document verification standards (and these are intentionally not usable in an e-signature context).
There is no European ID. Please specify individual countries (I think this is just Estonia at the moment?)
German ID cards also support eID functionality on their citizen ID cards and even permanent resident ID cards, but ironically EU citizens are qualified for the issuance of neither, so they had to introduce another type of card for them to not run afoul of EU anti-discrimination laws.
All of this is currently pretty messy and there's only limited practical cross-country acceptance of eIDAS signatures, but is supposed to get unified under the banner of EUDI (EU Digital Identity) "wallets".
Portuguese IDs also have a sim card, but I never used it for anything other than accessing government services.
in my case Spain with the DNI 3.0 but as others commented its a thing in many of them
has been the case for Hungarian ID cards for a decade now, but it was never really used, except maybe by burorats in gov offices to access their systems.
but no one understands it, including the people who need to issue new signing keys.
it didn't get anywhere really. it was just a good opportunity for a lot of taxpayer money to... "lose its taxpayer money nature" (actual phrase by an actual politician when cornered by questions).
and now they are "moving on" to an app that must be installed on your phone to access more and more services.
ID2030 is roaring on worldwide... soon mandatory iris scans, vaccine implants, and who knows when they will try to roll out mandatory brain implants against thought crimes.
the more i think about the sign of the beast (as an atheist), the more sense it makes.