Free Republic
Browse · Search
News/Activism
Topics · Post Article

To: Garth Tater

“If you can tell me a good reason to require the public keys to be signed by the govt (or anyone else) I’d love to hear it.”


Who is going to be the issuing authority in this scenario? The government is. The government would be signing and issuing citizen IDs, using their private key. They will also use it to provide authentication and non-repudiation of citizens’ keys. (someone is going to need to validate the keys when a citizen attempts to authenticate with it)

Once the private key of the government authority server is compromised, the entire system collapses. Anyone would then be able to issue citizen identifiers. The .gov would have no choice but to revoke all previously issued citizen IDs, and we start from scratch.

My last post on this, because you’re just not getting it.


96 posted on 10/05/2017 11:13:18 AM PDT by ConservativeWarrior (Fall down 7 times, stand up 8. - Japanese proverb)


To: ConservativeWarrior
"They will also use it to provide authentication and non-repudiation of citizens’ keys."

There is no need to authenticate citizens' private keys. This is not a system that would be used for communication between unknown and untrusted parties where the only trust is provided by the keys. It is a system to be used with only one untrusted party (the citizen) that needs to be authenticated and the fact that his signed documents can be validated with his public key (that the govt knows is correct since they issued it) and that he can decrypt and respond to encrypted messages sent to him by the govt validates him and his private key to the govt.

I'm not even sure why you are bringing up non-repudiation of citizens' keys here. Do you really think you can tell the govt, "No, I didn't sign that" when the private key that they gave you was used to do the signing?


"Once the private key of the government authority server is compromised, the entire system collapses. Anyone would then be able to issue citizen identifiers"

Again, there is no need for the govt to have a private key as there is no need for them to sign the public keys. Those keys are "good" because the govt says they are and the only "good" keys are posted on the govt's website. This is not a public system that will be used between unknown/untrusted parties - which is the point you are not taking into consideration when you say that the public keys need to be signed.

And, even if you threw an unneeded govt private key into the mix, what good would it do for a hacker to issue "citizen identifiers" if the corresponding public key was not posted on the government's website? If the public key is not on the govt website it is invalid. If it is on the govt website it is valid. One side of this relationship is trusted by definition - the govt is always a trusted party in this relationship simply because they say they are.
97 posted on 10/05/2017 12:01:10 PM PDT by Garth Tater (Gone Galt and I ain't coming back.)
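Added example, not written by either poster: the two key-validation models argued over in posts 96 and 97, side by side, showing what each one's acceptance decision actually depends on. The toy textbook RSA, the parties (alice, rogue) and every function name are assumptions made for the illustration.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by every toy key below

def keygen(p, q):
    """Textbook RSA from two known primes. Toy only: no padding, weak keys."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def _digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(priv, msg):
    n, d = priv
    return pow(_digest(msg, n), d, n)

def verify(pub, msg, sig):
    n, e = pub
    return pow(sig, e, n) == _digest(msg, n)

def encode(pub):
    return f"{pub[0]}:{pub[1]}".encode()

def accept_signed(authority_pub, citizen_pub, cert_sig):
    """Post 96 model: trust any key that carries the authority's signature."""
    return verify(authority_pub, encode(citizen_pub), cert_sig)

def accept_listed(registry, citizen_pub):
    """Post 97 model: trust a key only if the authority's registry lists it."""
    return citizen_pub in registry

def scenario():
    # Constructed parties; the Mersenne primes are chosen only for brevity.
    auth_pub, auth_priv = keygen(2**89 - 1, 2**107 - 1)
    alice_pub, alice_priv = keygen(2**61 - 1, 2**127 - 1)
    rogue_pub, rogue_priv = keygen(2**31 - 1, 2**521 - 1)
    registry = {alice_pub}
    # Failure case from post 96: the authority's signing key is in the wrong hands.
    rogue_cert = sign(auth_priv, encode(rogue_pub))
    challenge = secrets.token_bytes(16)  # fresh nonce for proof of possession
    return {
        "signed_model_accepts_rogue": accept_signed(auth_pub, rogue_pub, rogue_cert),
        "listed_model_accepts_rogue": accept_listed(registry, rogue_pub),
        "listed_model_after_registry_tamper": accept_listed(registry | {rogue_pub}, rogue_pub),
        "alice_proves_possession": verify(alice_pub, challenge, sign(alice_priv, challenge)),
        "rogue_answers_as_alice": verify(alice_pub, challenge, sign(rogue_priv, challenge)),
    }

if __name__ == "__main__":
    for name, outcome in scenario().items():
        print(f"{name}: {outcome}")
```

In the signed model the decision rests on the secrecy of the authority's signing key; in the listed model it rests on the integrity of the registry and on every verifier being able to reach it.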



FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson