Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: ConservativeWarrior
Kind of hard to forget, but my question was, "Why would the govt need to sign the public keys? Just publish them on a govt web site - no signing or management needed"

If the govt isn't signing the citizens' public keys then the govt has no need for a private key to do the signing with. If you can tell me a good reason to require the public keys to be signed by the govt (or anyone else) I'd love to hear it.
95 posted on 10/05/2017 10:59:29 AM PDT by Garth Tater (Gone Galt and I ain't coming back.)
[ Post Reply | Private Reply | To 94 | View Replies ]

To: Garth Tater

“If you can tell me a good reason to require the public keys to be signed by the govt (or anyone else) I’d love to hear it.”

Who is going to be the issuing authority in this scenario? The government is. The government would be signing and issuing citizen IDs, using their private key. They will also use it to provide authentication and non-repudiation of citizens’ keys. (someone is going to need to validate the keys when a citizen attempts to authenticate with it)

Once they private key of the government authority server is compromised, the entire system collapses. Anyone would then be able to issue citizen identifiers. The .gov would have no choice but to revoke all previously issued citizen IDs, and we start from scratch.

My last post on this, because you’re just not getting it.


96 posted on 10/05/2017 11:13:18 AM PDT by ConservativeWarrior (Fall down 7 times, stand up 8. - Japanese proverb)
[ Post Reply | Private Reply | To 95 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson