Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: ConservativeWarrior; AndyTheBear; zeugma
"The difference is that the .gov would use their private key to sign ALL the IDs in the system."

"...if the .gov private key is compromised, all other issued keys would need to be revoked and replaced."

Why would the govt need to sign the public keys? Just publish them on a govt web site - no signing or management needed. Anybody and everybody can have your public key and they can't do anything with it that would allow them to impersonate you. They can send you an encrypted message with it that only you (with your private key) can decrypt but they can't send a message as you or sign a document as you.

AndyTheBear has it right as to how public/private keys would work as secure personal identifiers.

Zeugma has it right as to how "normal" people would be incapable of using and maintaining the security of such a system.
90 posted on 10/04/2017 3:03:45 PM PDT by Garth Tater (Gone Galt and I ain't coming back.)
[ Post Reply | Private Reply | To 54 | View Replies ]

To: Garth Tater
Why would the govt need to sign the public keys? Just publish them on a govt web site - no signing or management needed. Anybody and everybody can have your public key and they can't do anything with it that would allow them to impersonate you. They can send you an encrypted message with it that only you (with your private key) can decrypt but they can't send a message as you or sign a document as you.

You wouldn't necessarily need the government to do it, but to do need a way to validate keys. We already have an existing PKI infrastructure of sorts, though I've never really depended upon it in the public key servers. I have actually used it as a starting point for certain individuals that I wanted to have the public keys of, but given the way the web of trust works, you still have to manually (i.e., verbally) validate fingerprints. I've often thought the notary public system would actually be something that could be efficiently harnessed for this, but again, you run up into computer literacy/security issues.

92 posted on 10/04/2017 6:30:06 PM PDT by zeugma (I live in the present due to the constraints of the Space-Time Continuum. —Hank Green)
[ Post Reply | Private Reply | To 90 | View Replies ]
To: Garth Tater

And when the .gov’s private key is compromised, and it will be, the whole system collapses.

Remember when the Verisign private key was compromised 5 years ago? Their entire CA was made obsolete, and they had to revoke ALL certs ever issued through it.


94 posted on 10/05/2017 6:29:34 AM PDT by ConservativeWarrior (Fall down 7 times, stand up 8. - Japanese proverb)
[ Post Reply | Private Reply | To 90 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson