To: ConservativeWarrior; AndyTheBear; zeugma
"The difference is that the .gov would use their private key to sign ALL the IDs in the system."
"...if the .gov private key is compromised, all other issued keys would need to be revoked and replaced."
Why would the govt need to sign the public keys? Just publish them on a govt web site - no signing or management needed. Anybody and everybody can have your public key and they can't do anything with it that would allow them to impersonate you. They can send you an encrypted message with it that only you (with your private key) can decrypt but they can't send a message as you or sign a document as you.
AndyTheBear has it right as to how public/private keys would work as secure personal identifiers.
Zeugma has it right as to how "normal" people would be incapable of using and maintaining the security of such a system.
90 posted on 10/04/2017 3:03:45 PM PDT by Garth Tater (Gone Galt and I ain't coming back.)
To: Garth Tater
"Why would the govt need to sign the public keys? Just publish them on a govt web site - no signing or management needed. Anybody and everybody can have your public key and they can't do anything with it that would allow them to impersonate you. They can send you an encrypted message with it that only you (with your private key) can decrypt but they can't send a message as you or sign a document as you."
You wouldn't necessarily need the government to do it, but you do need a way to validate keys. We already have an existing PKI infrastructure of sorts, though I've never really depended upon it in the public key servers. I have actually used it as a starting point for certain individuals that I wanted to have the public keys of, but given the way the web of trust works, you still have to manually (i.e., verbally) validate fingerprints. I've often thought the notary public system would actually be something that could be efficiently harnessed for this, but again, you run up into computer literacy/security issues.
92 posted on 10/04/2017 6:30:06 PM PDT by zeugma (I live in the present due to the constraints of the Space-Time Continuum. —Hank Green)
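The manual fingerprint check described in post 92, as an added example that is not part of the thread: it computes an OpenPGP v4 fingerprint (RFC 4880, section 12.2) for a key fetched from a server and compares it with the fingerprint the owner reads out. The packet bytes are constructed placeholders, not a real key, and all function names are hypothetical.

```python
import hashlib
import string
import struct


def v4_fingerprint(packet_body: bytes) -> str:
    """SHA-1 over 0x99, the 2-byte big-endian length, then the public-key packet body."""
    header = b"\x99" + struct.pack(">H", len(packet_body))
    return hashlib.sha1(header + packet_body).hexdigest().upper()


def normalize(spoken: str) -> str:
    """Drop the spaces and colons people use when reading a fingerprint aloud."""
    return "".join(ch for ch in spoken if not ch.isspace() and ch != ":").upper()


def key_matches(fetched_body: bytes, fingerprint_from_owner: str) -> bool:
    """True only if the fetched key hashes to the full fingerprint the owner gave."""
    expected = normalize(fingerprint_from_owner)
    # Require all 160 bits: a short key ID is too small to rule out a look-alike key.
    if len(expected) != 40 or any(c not in string.hexdigits for c in expected):
        return False
    return v4_fingerprint(fetched_body) == expected


def make_packet_body(created: int, key_material: bytes) -> bytes:
    """Constructed sample: version 4, creation time, algorithm id 22, opaque bytes."""
    return bytes([4]) + struct.pack(">I", created) + bytes([22]) + key_material


# Constructed inputs: the owner's key and a different key served under the same name.
GENUINE = make_packet_body(1507100000, b"\x01" * 32)
SUBSTITUTED = make_packet_body(1507100000, b"\x02" * 32)


def grouped(fp: str) -> str:
    """Format a fingerprint the way it is usually printed: groups of four."""
    return " ".join(fp[i:i + 4] for i in range(0, len(fp), 4))


def demo() -> dict:
    owner_reads = grouped(v4_fingerprint(GENUINE)).lower()  # as heard over the phone
    return {
        "genuine": key_matches(GENUINE, owner_reads),
        "substituted": key_matches(SUBSTITUTED, owner_reads),
        "short_id": key_matches(GENUINE, owner_reads[-9:]),
    }


if __name__ == "__main__":
    print(demo())
```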
To: Garth Tater
And when the .gov’s private key is compromised, and it will be, the whole system collapses.
Remember when the Verisign private key was compromised 5 years ago? Their entire CA was made obsolete, and they had to revoke ALL certs ever issued through it.
94 posted on 10/05/2017 6:29:34 AM PDT by ConservativeWarrior (Fall down 7 times, stand up 8. - Japanese proverb)