top | item 45751467

(no title)

There are a couple big problems with this type of digital and decentralized type of authentication (I say this as a long time cryptocurrency professional who wants this to succeed):

1. backups and account recovery: We’re working with humans here. They will lose their keys in great numbers, sometimes into the hands of malicious actors. How do users then recover their credentials in a quick and reliable manner?

2. Fragmentation: let’s be optimistic and say digital credentials for drivers licenses are given out by _only_ 50 entities (one per State). Assuming we don’t have a single federal format for them (read: politically infeasible national id) how does facebook, let alone some rando startup, handle parsing and authenticating all these different credential formats? Oh and they can change at any time, due to some rando political issue in the given state.

OP, you clearly know all this, so I’m just reminding you as someone down in the identity trenches.

discuss

Edmond|4 months ago

1.Backup and recovery with this solution is no different from backup and recovery of your phone. It is a potential issue but not unique. Cryptographic certificates and associated keys reside on your device.

2.The data format issue is (or was) indeed a concern though it was never insurmountable. A data dictionary would have been the most straight forward approach to address it: https://cipheredtrust.com/doc/#data-processing

I say data format discernment was a concern because as faith would have it, we now have the perfect tech to address that, LLMs. You can shove any data format into an LLM and it will spit out a transformation into what you are looking for without the need to know the source format.

Browsers are integrating LLM features as APIs so this type of use would be feasible both for front and back end tasks.