Ah ok. I understand now. The website isn't making an additional request to the government to verify that the credentials you gave are real. The authenticity is built into the signature.
Ah ok. I understand now. The website isn't making an additional request to the government to verify that the credentials you gave are real. The authenticity is built into the signature.