top | item 46251626

(no title)

Aren't these all solved problems that we've worked out decades ago with certificates?

Certificates prove that a website/server (and sometimes the client) are who they say they are.

We force the website to renew their certificate from an issuer every year so that stolen tokens/certificates are less of a problem.

The issuer can protect or hide the identity of the certificate owner, and doesn't get any information about which clients accessed a server.

discuss

swid|2 months ago

The real problem is just managing identities for millions of people. Some of those people will voluntarily use their credentials for someone under 18. Some will sell their identities. There is no technical solution to that.