[HN Gopher] Dangers of "decentralized" ID systems
___________________________________________________________________
Dangers of "decentralized" ID systems
Author : anonymous123
Score : 118 points
Date : 2024-04-21 19:30 UTC (1 days ago)
(HTM) web link (paper.wf)
(TXT) w3m dump (paper.wf)
| wmf wrote:
| Summary: Relying on government ID isn't decentralized.
|
| I'm having a hard time thinking of one such system though.
| jandrewrogers wrote:
| The US is an odd case where there is no central government ID or
| identification base layer. There are many independent authorities
| that can issue an ID, none of which are universally provisioned
| or recognized by governments within the country. This creates
| enough edge cases that it is essentially required to be possible
| to bootstrap an identity from negligible formal documentation,
| which is also a rather large loophole.
| jiveturkey wrote:
| why doesn't a passport count? or do you mean, no central ID
| that is the only acceptable ID for various services
| jasode wrote:
| _> why doesn't a passport count?_
|
| In the USA, non-citizens (legal permanent residents aka
| "green card" holders) can't get passports. They can get
| state-level drivers licenses but only citizens can get
| passports from the centralized-level Federal government.
| photonbucket wrote:
| Greencards have a MRZ just like passports though.
|
| Green cards are effectively entry-only passports (from the
| perspective of the US). You can enter the country by land
| with just the GC with no passport. Additionally, if you
| arrive by air and you have global entry they don't look at
| your passport at all, just the GC.
| techsupporter wrote:
| > In the USA, non-citizens (legal permanent residents aka
| "green card" holders) can't get passports.
|
| Is there a reason they can't get a passport from their
| country of citizenship?
|
| Plus, passports are fully standardized, at least the
| biometric ones are. It's possible to read and verify the
| data on a biometric passport entirely offline using open
| source applications that implement the documented
| processes.
| arlort wrote:
| Presumably they can but it won't prove their legal status
| in the US, assuming the local government even recognises
| it as a legal form if ID
| wdb wrote:
| How did the green card holder enter the USA without a valid
| ID / passport?
| dragonwriter wrote:
| Well, they probably didn't do so with a valid US ID, and
| certainly not with a valid US passport.
| pvg wrote:
| Yes but they definitely have centralized id - the 'Alien
| Registration Card' itself. Technically, lawful permanent
| residents are supposed to carry it at all times.
| dragonwriter wrote:
| > In the USA, non-citizens (legal permanent residents aka
| "green card" holders) can't get passports.
|
| Yes, but legal permanent residents (and some other legally
| resident aliens) also have federally-issued ID, and its not
| optional the way passports are for citizens. (For LPRs, the
| Permanent Resident Card, for others the Employment
| Authorization Document or Immigrant Visa.)
| michaelt wrote:
| Forgive my ignorance, but isn't the green card already a
| federally issued, nationally recognised photo ID?
| dylan604 wrote:
| I think you greatly underestimate the number of people that
| do not have a passport.
| jiveturkey wrote:
| I recognize that percentage-wise, dissapointingly few US
| citizens have passports. I suppose it's more linked to
| economic status than anything else.
|
| But I was merely rebutting the parent's statement that
| there is no centrally issued ID in the USA, in the context
| of ironic use for a base layer for "decentralized"
| identity.
|
| It's too bad the article focused on that nonsense instead
| of, what good is a decentralized identity -- if it can't
| assert your actual physical identity.
| jandrewrogers wrote:
| A passport is an ID. However, it is not mandatory and some
| State governments do not recognize it as a valid ID for legal
| purposes. In the US, the power to issue authoritative IDs
| resides with the individual States, not the Federal
| government, which creates many interesting edge cases.
| pvg wrote:
| _some State governments do not recognize it as a valid ID
| for legal purposes._
|
| Do you know which state governments?
| jiggawatts wrote:
| Australia is the same. Even accessing federal systems involves
| a baroque system of multi-credential attestation where you
| nominally have a single "GovId" but in practice you have to
| jump through a bunch of hoops on a per-agency basis. The GovId
| itself is a weird amalgam of "n-of-m" identity papers.
|
| This all happened because back in the early 2000s there was an
| attempt at a single "Australia ID" but geriatrics had their
| brains pickled in decades of anti-communist propaganda and
| voted against it.
|
| The logic is: "Only communist governments know who their
| citizens are."
|
| Democracies apparently have to be ignorant and easily exploited
| by criminals falsely claiming pensions and other benefits using
| easily forged identity papers.
| acdha wrote:
| > This all happened because back in the early 2000s there was
| an attempt at a single "Australia ID" but geriatrics had
| their brains pickled in decades of anti-communist propaganda
| and voted against it.
|
| This is similar to how the U.S. has a certain amount of
| opposition from Christian sects who believe any sort of
| national ID number would be the biblical mark of the beast.
| There's a certain dark humor in the way privacy is used to
| complain about identification cards but that only leads to
| the semi-regulated private data brokers being used by
| everyone, including the government, with purchased access to
| far more data.
| spacebanana7 wrote:
| > geriatrics had their brains pickled in decades of anti-
| communist propaganda and voted against it.
|
| Isn't the CCP's behaviour still one of the best arguments
| against universal government ID?
| jiggawatts wrote:
| I cannot fathom the error in logic that yields the
| conclusion that elected governments having a SQL table with
| a primary key constraint is somehow "the same thing" as the
| authoritarian abuses of power by a single-party communist
| dictatorship.
|
| A number on a piece of paper is not the root cause of
| secret police brutally cracking down on dissidents!
| spacebanana7 wrote:
| The possession of power and the misuse of power are of
| course different things.
|
| But knowledge of the full population is particularly
| corrosive kind of power. It can reveal negative
| information - one can query for all people without a
| donation to political party, for example.
| jiggawatts wrote:
| Only if that _data_ is in the same table.
|
| The primary key is just a number, and tells you nothing
| other than perhaps roughly when you were born (if it is
| sequentially allocated).
| arlort wrote:
| No. In fact the entire thing that makes Chinese
| surveillance so bad is that they don't need an ID to
| identify you
| spacebanana7 wrote:
| Universal government ID allows your identity to be very
| efficiently communicated between different public/private
| sector agencies.
|
| That's how your local CCTV camera catching you jaywalking
| could communicate to your bank that you should be fined.
| salawat wrote:
| >The logic is: "Only communist governments know who their
| citizens are."
|
| The logic is actually "That which I wish to control or
| destroy, I must first enumerate/name."
|
| A Government that exists only to administer (and not control
| the populace), has no need to know who all it's citizen's
| are. Merely to know who is involved in the limited processes
| being administered.
|
| Sadly, all common sense around that seems to have evaporated
| since 2001 in the U.S. It seems like only those of us left
| who experienced the pre-9/11 world are doing a terrible job
| at instilling a picture of a government that's not all "Big
| Brother is watching" in the younger generations. The gluttony
| of Law Enforcement and the IC for a Single Identification
| Number to unify and enumerate every flesh and blood person
| wandering around cannot be overstated.
| jiggawatts wrote:
| "You can't improve(manage) that which you can't measure."
|
| In practice, all government departments in all countries
| have databases with primary key identifiers in them.
|
| We can do this accurately and efficiently, or we can
| continue to insist on doing it inaccurately and
| inefficiently because of "Red Scare" propaganda.
|
| You are proposing that you prefer your government to be
| slow, inefficient, inept, and vulnerable to fraud and
| corruption.
|
| I prefer my government agencies to not waste my time, not
| confuse me with similarly named people, etc...
|
| This is a real problem that occurs every day, versus the
| slippery-slope arguments that derive from anti-communist
| hysteria.
|
| Here's a real situation: Identical twins with the same
| name, because "John Sr is the son of John Sr for ten
| generations, and he didn't want to give up the tradition
| just because he had twins." That's a real story from a
| public school system where the kids were living at the same
| address, attending the same school, were born on the same
| day, in the same hospital, etc...
|
| How would you disambiguate them? You would start with...
| assigning... a... unique... number perhaps?
| salawat wrote:
| >How would you disambiguate them? You would start with...
| assigning... a... unique... number perhaps?
|
| Yep. That's how. Now lets see what inevitably gets built
| once you do that.
|
| Now do you that mapping to a Federal system, which maps
| that ID to a set of tables including a map to every other
| every other organization's ids relevant to that
| individual such that one can essentially completely hose
| someone via the "Sanction this individual in particular
| where (subquery). This system has already been built in
| the Financial sector, it's called OFAC. More advanced
| integrations are in progress. Look up "Fusion Centers".
|
| Do I think that's a worthy trade in case that gets in the
| wrong hands? Fuck no.
|
| Should those same systems be free to be "privately built
| and transacted for business purposes" in a way that
| utterly sidesteps prohibitions against the Government
| directly building that dataset themselves, resulting in
| 3rd party SaaS queries through Data Brokers? See
| LexisNexis, Palantir, or any of the Credit Bureaus or
| other data brokers. Also telecoms selling location data.
| Or automotive manufacturers feeding telematics to
| insurers or Law Enforcement.
|
| Worthy trade for the risk? ?Hell no.
|
| You can have a world where nightmare abuses of these
| types of systems are outright impossible, or you can have
| a world that's incrementally more efficient, but you must
| accept these abuses being realizable. That's an XOR
| there. There is no escaping it.
|
| Certainty of abuse has probability 1. How do I know?
| Because I've been tempted to do as much before, and I
| know that I am an uncharacteristically extreme example of
| someone that thinks something through before committing
| to it, and it's only by doing so that I've managed to
| avoid implementing that very thing. 98% of people will
| not hold themselves to at least the the rigor I have.
| There are people far too pragmatic to be bothered by such
| things as ideals or edge cases; which is necessary to
| deal with when you're talking about enabling top down
| practicable social targeting systems. We are not special.
| It will not be different this time. Our nature is not
| such that we can safely discount these sorts of things.
|
| The enemy is among us, and they are us. I don't fear
| communists. I fear the paperclip maximizing zealots among
| us who will sacrifice everything in pursuit of thrir
| goal. I've been one of them.
|
| I will not subject those down the road to a working
| Panopticon. I will not build that lever. I'm sorry. I
| will consign you to a fate wherein you suffer from an
| occasional bureacratic mixup, but you will never once
| need worry that some madman is sitting on the button that
| causes you to lose access to everything instantly. That
| will allow a faceless bureaucracy to control your access
| in real time. To know your every move, all the time. I'd
| rather you be free. That you be unmanageable. That the
| mechanisms of external social coercion not be perfect.
| For without those spaces, there is no room for freedom.
| Only not currently having your chain jerked. Know that if
| ever you are subdued by the machinations of the
| technophile, it will not have been I that forged those
| chains.
|
| Just because you _can_ build something, doesn 't mean you
| _should_.
|
| Just because you can _measure_ something, doesn 't mean
| you _should build the yardstick_.
|
| It does not follow that something you can't currently
| measure _must have a measure built, and then as a
| consequence of it 's measurability then be managed_.
|
| Those that seek power will beseech you to build these
| things for them. It is your job to see these things for
| what they are, and learn to be able to say "No."
| RandomLensman wrote:
| Maybe the US is just particularly broken? It is not like
| countries with robust, state-run ID systems are all some
| sort of dictatorial or even data hellscape.
| jiggawatts wrote:
| Propaganda is a _very_ effective tool. People internalise
| it to the point that it becomes a part of their personal
| identity, and it becomes a part of the ambient societal
| discourse. It 's like the air you breathe. You don't even
| realise that you're breathing until someone tells you
| that you are.
|
| Conversely, it is trivial to identify _foreigners_
| influenced by propaganda. You see the effect, but are not
| subject to the cause. It 's like seeing a fish in a body
| water. You immediately think to yourself: "There's a fish
| in the water", but the _fish doesn 't think it's swimming
| in water_. If you could ask it somehow, it would ask:
| "What is water?"
|
| PS: There are quite a few topics like this where if you
| ask any American, you get some specific propaganda in
| response, but if you ask _literally anybody else_ on the
| _entire planet_ -- the other 96% of the human population
| -- you 'll get slow blinking and maybe a "wtf!?" instead.
|
| E.g.: Iraq caused 9/11, gun control, states-rights, and
| publicly-funded ("free") healthcare.
|
| All three of them are _very_ heavily propogandised for
| decades now by very-well funded lobby groups... in the
| US. Elsewhere people are like: "No, the Saudis did!",
| "Illegal!", "Wat!?", and "Of course!"
| fragmede wrote:
| proof that humans are just stochastic parrots as well
| Muromec wrote:
| >You are proposing that you prefer your government to be
| slow, inefficient, inept, and vulnerable to fraud and
| corruption.
|
| It's a fair trade off if your target KPI is having zero
| genocides enabled by extensive records-keeping.
| jiggawatts wrote:
| If you think the lack of records-keeping is protection
| against genocide, or has ever prevented one in the
| history of the world, then I have some bad news for you.
| mrguyorama wrote:
| The US did not require any data crunching from IBM or
| anyone else to genocide the Indians.
|
| The entire line of thought is straight up propaganda from
| weird Christians who have a really weird cult belief that
| some id number is the mark of the beast and saw a great
| opportunity to lie about the holocaust (plenty of jews
| were murdered using no better data than "Wilhelm says he
| saw them praying last Saturday").
|
| You can see the same stupidity in the talking point from
| 2nd amendment maximalists that the jews were only
| genocided because they gave up rights to own guns, or
| something to that effect, as if a population experiencing
| genocide would have qualms about illegal firearms.
| jandrewrogers wrote:
| In the US, significant fractions of both the Democrat and
| Republican parties are against anything that resembles a
| single national ID, for different longstanding reasons. And
| the legal hurdles are high enough that it would require both
| parties actively working together to effect material change,
| so even if one of them had a change of heart it wouldn't
| matter.
| AnthonyMouse wrote:
| > Democracies apparently have to be ignorant and easily
| exploited by criminals falsely claiming pensions and other
| benefits using easily forged identity papers.
|
| How is centralized identity necessary or sufficient to solve
| this? If you have an ID card issued by e.g. your brokerage,
| it can use strong cryptography and be no easier to forge than
| any government ID. If you lost your card you could use any
| mechanism you could use in the event that you lose your
| government ID. Some of these methods have poor security
| properties but that's the same in both cases.
|
| The only thing you get from centralization is non-consensual
| tracking.
| jiggawatts wrote:
| > How is centralized identity necessary or sufficient to
| solve this?
|
| To give you an idea of just how low the fruit is hanging,
| approximately 100K fake children "vanished" from
| Australia's welfare system when the government introduced a
| system where you had to list each dependent child's Tax
| File Number (TFN) to claim welfare benefits. (Prior to
| that, you just had to put down how many children you were
| claiming benefits for.)
|
| If you can get ID papers from random brokerages, then how
| is the government to perform a simple uniqueness check
| _across_ brokerages?
|
| It always boils down to the same thing: Someone, somewhere
| has to have a table with a primary key on it.
| AnthonyMouse wrote:
| > To give you an idea of just how low the fruit is
| hanging, approximately 100K fake children "vanished" from
| Australia's welfare system when the government introduced
| a system where you had to list each dependent child's Tax
| File Number (TFN) to claim welfare benefits.
|
| The assumption here is that they're all fake rather than
| there being a non-trivial number of people who don't
| understand how to fill out the new forms, or aren't
| willing to admit to an association with an out-of-wedlock
| child on an official form even though the child is real
| and actually being supported etc.
|
| > If you can get ID papers from random brokerages, then
| how is the government to perform a simple uniqueness
| check _across_ brokerages?
|
| Nobody other than the brokerage uses the brokerage's ID.
| That's what decentralized is. Children typically wouldn't
| have an ID from a brokerage anyway. The welfare agency
| would provide recipients with its own IDs. How does it
| establish uniqueness for this? The same way as the
| institution issuing a Tax File Number.
| techsupporter wrote:
| > The US is an odd case where there is no central government ID
| or identification base layer.
|
| As others have mentioned, the US Federal government issues
| passports and passport cards, yet it's entirely up to the
| agency that wants ID what IDs they will accept. I've been
| turned down for using a passport card for some Washington State
| government activities ("the card doesn't have a signature"),
| using a passport to buy an age-restricted item from a store
| ("we can't scan it"), and a passport card with the state's
| largest credit union ("too much fraud with passport cards").
|
| Yet none of these are _documented_ anywhere. Everyone just
| assumes you 'll have a state-issued driver license and if you
| don't, well, you're obviously up to something nefarious.
| (Before anyone asks, I do have a state-issued enhanced
| identification card. It looks identical to a driver license,
| except it says "identification" on it. I've still been told
| "that's not a driver's license, I can't take that.")
| jandrewrogers wrote:
| I use a Federal ID when dealing with legal purviews of the
| Federal government, and a State ID when dealing with the
| legal purviews of State governments (which is most things).
| This is the only reliable scheme I've found. As a matter of
| Constitutionality, the States are largely required to
| recognize State IDs, but no one is required to recognize
| Federal IDs because there is no authority and as a practical
| matter many governments don't.
|
| It doesn't help that some clerks are confused by the zoo of
| government issued IDs that exist in the US. IDs in the US are
| a mess, the legal barriers to making it possible to have an
| organized identity system are very high, and both the
| Democrats and Republicans are resistant to removing those
| legal barriers, so this situation is unlikely to change.
| maxerickson wrote:
| Real ID has more or less happened. States still issue IDs
| that don't meet those requirements, but at some point it's
| likely enough to actually become a requirement for using
| the ID to fly (instead of being delayed again).
| jandrewrogers wrote:
| The ID standardization parts mostly happened. The parts
| where the underlying State databases are shared with a
| central Federal government database did not.
| maxerickson wrote:
| There's a data sharing system, it isn't clear if it is
| entirely functionally equivalent to a centralized
| database, but it certainly goes in that direction if you
| compare it to not having a sharing system.
| briffle wrote:
| And even then, most of us can do a ton of damage just knowing
| the last 4 of someones social security number, and their
| bithday.
| cloudhead wrote:
| Low quality post that doesn't understand how DIDs work.
| justinko wrote:
| That's because it was clearly very heavily assisted by AI.
| jiggawatts wrote:
| This article avoids the elephant in the room: nobody except
| cryptocurrency nuts asked for this.
|
| The "Decentralised" part of DID should give a hint that this is
| yet another attempt to make crypto relevant to the real world
| outside of bypassing sanctions, paying for drugs, or extorting
| hacking victims.
|
| Web 3.0 failed because cryptocurrencies can't support the high
| bandwidth and low latency required. So the same people came up
| with DID, which can tolerate multi-hour transaction delays and
| storage capacities measured in single-digit kilobytes.
|
| Most of the criticisms against Web 3.0 still apply to DID. It can
| be impossible to revoke, as the article stated. Which means if
| grandma's wallet is hacked, she can be impersonated forever by
| the hacker, and not even the government can help her with this.
|
| "Yay, censorship resistant!" many will proclaim. (Loudly)
|
| Okay, name me one instance (1) where a citizen of a western
| country had their identity censored in any sense by their
| government.
| bawolff wrote:
| > Okay, name me one instance (1) where a citizen of a western
| country had their identity censored in any sense by their
| government.
|
| I don't think this is the problem DID is trying to solve, but
| the article mentions illegal immigrants and stateless people.
| bschmidt1 wrote:
| The crypto phase ended up accidentally showing us why
| centralized authority is important. It sounds great on paper:
| If we can simply enforce a protocol, then we don't need
| authority, right?
|
| But we still have to trust who enforces the protocol. If we
| rely on trusts and exchanges to any degree, for example, to
| enable faster, more convenient transactions, or for user
| experience, then those trusts (banks) cannot be running off
| with the customer deposits like BitConnect and FTX did. The
| trust should be insured and should have to follow normal bank
| and currency exchange regulations. When you add in all the
| banking infrastructure that would be needed to bring
| cryptocurrencies up to speed we'd end up with a clunkier
| version of what we have (we already have fast digital banking,
| and cash is already anonymous and instant).
|
| Regarding crypto for content chains: Basically the same ideas,
| if certain peers are trusted to host, serve, and/or broker
| content in some way, how do you trust those parties, or if
| there are content "vaults" off-chain to enable faster access to
| data, how do we know it wasn't tampered with off-chain? Can't
| store it on chain feasibly either, especially if the content is
| say full-length films.
|
| I think blockchain for both cryptocurrencies and content chains
| is better suited for smaller peer networks where you know you
| can trust the node hosts and the cryptography is used more for
| keeping nodes in sync, and for lower-level security, not as a
| replacement for trust. Or if you don't trust the node hosts,
| then the trusted party is whoever maintains the "peer list" -
| but that's just a road toward what our Federal Reserve, or our
| Wikipedia, can already do much better with consumer banking and
| open-source contributions (respectively).
| spacebanana7 wrote:
| > Okay, name me one instance (1) where a citizen of a western
| country had their identity censored in any sense by their
| government.
|
| Eugene Shvidler's sanctioning by the UK poisoned his identity.
| A UK-US dual citizen living in Britain who had Russian business
| dealings.
|
| The sanctions are devastating to personal freedom. Beyond the
| direct financial impact, they make it very difficult to travel,
| engage in charity or use digital goods.
|
| You might argue he deserved it for making money in Russia, but
| the lack of due process is astounding.
|
| His commercial behaviour predates any legal prohibition and he
| didn't get to argue his case in front of a judge/jury before a
| punishment was installed.
|
| https://www.theguardian.com/law/2023/jul/19/sanctions-regime...
| kiitos wrote:
| Sanctions are an important component of our society, in the
| broadest sense. They are net good, not bad.
| spacebanana7 wrote:
| Sanctions are effective tools at undermining the economic &
| industrial base of an adversary.
|
| They're poor tools as substitutes for criminal penalties
| for local residents.
| kiitos wrote:
| Less "adversary" as evaluated by a specific entity, more
| "bad actor" as evaluated by the collective. Which is the
| intent. Of course nobody issuing sanctions specifically
| intends them to be criminal penalties for local (target)
| residents, it's nonsensical anyway as the issuer(s)
| generally don't have any kind of criminal authority in
| the relevant jurisdictions.
| spacebanana7 wrote:
| Suffragettes, civil rights activists and Vietnam war
| protesters would've all been considered "bad actors" by
| their democratic governments at stages of their journey.
| logicchains wrote:
| They're only a net good if you think the government of the
| biggest economy is always morally right. Because only
| sanctions by the biggest economies have any impact. Most of
| the people in the world who aren't Americans view America's
| foreign policy as overwhelmingly a net negative, so for
| most of the world those sanctions are a net bad.
| BeFlatXIII wrote:
| [ citation needed ]
| jiggawatts wrote:
| Nowhere in the linked article does it say that his _identity_
| was censored or revoked by any government.
|
| He's a dual-citizen and presumably has his identifying papers
| on hand.
|
| To quote Wikipedia:
| https://en.wikipedia.org/wiki/Eugene_Shvidler#Sanctions
| Shvidler's sanctions take the form of a worldwide asset
| freeze, and transport sanctions; they do not affect
| his British citizenship.
|
| Painting a free billionaire oligarch living the high life
| abroad from Russia as a _victim_ is not a very convincing
| example.
| spacebanana7 wrote:
| The challenge wasn't precisely about revocation of
| citizenship, although you could take the example of Shamina
| Begum for that.
|
| The problem with these rulings isn't so much that no
| punishment is deserved, but that a government minister /
| civil service employee can declare somebody guilty. The
| only recourse is pursuing legal action to prove your own
| innocence.
| jiggawatts wrote:
| You seem to be conflating two wildly unrelated concepts
| here.
|
| This discourse is (very specifically!) about identity
| papers, not sanctions or any other form of government use
| and abuse of power.
| Macha wrote:
| The crypto people are very concerned about what happens to
| them when they believe they will inevitably become an
| oligarch.
|
| It's all a bit "temporarily embarrassed billionaire"
| megadal wrote:
| > Most of the criticisms against Web 3.0 still apply to DID. It
| can be impossible to revoke, as the article stated. Which means
| if grandma's wallet is hacked, she can be impersonated forever
| by the hacker, and not even the government can help her with
| this.
|
| VCs have credentialStatus, the id property of which is supposed
| to be a URI resolving to an RDF defined object dictating the
| status.
|
| This means the issuer can just update the entity living behind
| that URI to revoke bad credentials.
|
| https://www.w3.org/TR/vc-data-model-2.0/#status
| jiggawatts wrote:
| If there's a central revocation list, then it's a centralised
| identity with a centralised authority.
|
| That's the opposite if the "distributed" in DID, at least in
| the sense that the pro-Web-3.0 crypto fans are claiming.
| Animats wrote:
| > Web 3.0 failed because cryptocurrencies can't support the
| high bandwidth and low latency required.
|
| Er, no.[1]
|
| [1] https://www.web3isgoinggreat.com/
| cmdli wrote:
| One thing that is worth mentioning is the idea of a "private
| life" really hasn't ever existed. Even before the internet and
| computers, banks still held records of customer identity,
| merchants would still track their customers and what they bought,
| and the government could still take those records with a warrant.
| Even before then in pre industrial or rural areas, people would
| generally know who the people around them were and would
| regularly discuss what others were doing.
|
| The idea of a completely anonymous citizen that can bank, buy,
| and talk with others with full control of what other people know
| about them is pretty much a modern invention and is slowly
| disappearing again and society adapts to a technological world.
| mjevans wrote:
| The problem is; it used to take lots of real effort and
| therefore expense to investigate those facts. The results are
| now worth far more, and the cost is now far less.
|
| That is a change in the structure, the unwritten expectations
| of society, that I agree we should resist that change.
|
| The previously unwritten expectations should be codified into
| rules that should be followed.
| andy99 wrote:
| These "gaslighters" seem to show up to many discussion to say
| "what's the big deal, it's always been that way" when it
| obviously hasn't. I guess it's people who want the change and
| are trying to justify it?
|
| Anyway, a good analogy is photo radar. Speed limits are set
| knowing everybody speeds. We could now easily enforce them
| everywhere. But if we do, we need to raise them to an
| appropriate level, not the "we know you're breaking them"
| level. Same with what you're saying about privacy, as the
| cost of invading it goes down, we need different controls, we
| can't just be cool with it because it was always
| hypothetically possible to hire a private investigator to
| stalk someone.
| vladms wrote:
| > We need to raise them to an appropriate level I do not
| know what most people would find an appropriate level (I
| for one would prefer the current level, you would prefer a
| raised level).
|
| Somehow I feel the same about all the privacy discussions.
| Are people really understanding and would be impacted in
| the same why by privacy issues or is this just a fight
| between various interests with no connection with the
| actual people?
|
| To give an (extreme) example: without social networks
| elections will be influenced by newspapers and television.
| Would "the actual person" be much better of because he is
| influenced "by different people"?
|
| Sometimes I wonder how it would be if some things would be
| less private. (for example if wealth information would be
| less private, would it be harder for some people to do
| "dubious stuff", from straight illegal, to huge bonuses,
| etc.). I mean look at open source - is open source a result
| of "let's keep everything private and separate" idea or
| exactly the opposite... ?
| Yujf wrote:
| Radical transparancy only works in a world of radical
| acceptance. I deliberately hide some stuff I do from some
| people not because it is shady but because it will impact
| their view of me in a negative way.
| dzhiurgis wrote:
| > We could now easily enforce them everywhere
|
| We do. Approved half a decade ago -
| https://www.sae.org/news/2019/04/eu-to-mandate-
| intelligent-s...
| vasco wrote:
| In my grandma's village everyone knew that a neighbor was
| cheating, who got pregnant, and details about every single
| person in the village. Nowadays it's easy to track which
| websites I go to, but none of my neighbors have any clue
| about what I'm up to.
|
| With this in mind, outright calling people that notice this
| gaslighters is immature. Make your point or don't.
| Karellen wrote:
| You've literally just pointed out the difference between
| the people who used to know what you're up to, and the
| people who now know what you're up to.
|
| Anyone trying to convince you there is no difference
| between the two states is trying to make you ignore that
| difference in the world, and convince you that your
| perception of that difference is faulty or mistaken.
|
| How is that _not_ gaslighting?
|
| But - the difference in effect is that, under the old
| system, the government could not immediately get a
| summary of that information from everyone in the village,
| and do so without possibility of word getting back to
| you. Nor could a prospective employer. Or a bank manager.
| Or someone half-way round the world wanting to scam you
| out of your life savings. Or someone wanting to run for
| political office. Or someone wanting to persecute
| cheaters/unwed mothers/"sexual deviants"/etc... for
| personal gain.
|
| Yeah, back then your private life might not have been
| private, strictly speaking. But at least it wasn't for
| sale, in bulk, at bargain basement prices, to anyone
| looking for any kind of leverage over you.
| matheusmoreira wrote:
| The only reason it is disappearing is the government keeps
| mandating surveillance. Anti-money laundering and know your
| customer are just the financial arm of global mass
| surveillance. They just say "terrorists" and suddenly
| everything is justified. Everyone just accepts it. Just an fact
| of life that you have to do all this bookkeeping when you have
| a business. In fact, such things should be literally illegal.
| This is just some loophole the government uses to illegally
| surveil its citizens. It's illegal to warrantlessly wiretap
| everyone so they get the private sector to do it for them. Then
| all they need to do is gently ask the corporations. The CEOs
| are only too happy to get in bed with them.
|
| The bitter pill to swallow is society needs to learn to
| tolerate some amount of crime in order to maintain their
| freedom. They want the government to be all powerful so that it
| can stop crime before it even happens. They don't want the
| responsibility for themselves. The responsibility that freedom
| requires, the responsibility to personally defend themselves
| when the bad guys come knocking. No, they want to delegate it
| all to some authorities. They better hope they don't end up as
| serfs in somebody's fiefdom.
| steelframe wrote:
| > The responsibility that freedom requires, the
| responsibility to personally defend themselves when the bad
| guys come knocking.
|
| I invite you to live in Haiti for a little while and then
| come back and let us know how that went for you.
| matheusmoreira wrote:
| Why would anyone do that?
|
| Gotta actually have something worth defending in order to
| justify risking one's life. A family, a community, a
| nation. Even if you told me I could bring an entire army
| with me, I wouldn't step foot there. There's nothing in
| there for me.
| tpmoney wrote:
| >The bitter pill to swallow is society needs to learn to
| tolerate some amount of crime in order to maintain their
| freedom.
|
| I would go a step further and say that society needs some
| level of crime in order to gain freedoms, not just keep the
| ones they have. As a thought experiment, imagine you had a
| machine that would magically prevent anyone who would violate
| the law from doing so from the moment its activated for the
| rest of time. Is there any point in all of history that you
| think would be a good time to activate that machine?
| Certainly you would want to avoid activating it any time that
| slavery was legal. Probably be a good idea to skip the world
| wars era. Civil rights era would be another good time to
| avoid. The Troubles wouldn't be a great time either I
| wouldn't think. And if you believe in the benefits of medical
| usage of various schedule I drugs, I wouldn't recommend
| turning it on today either.
|
| Sure, a reduction in crime might be a great thing for
| society, and there's no telling how many lives would be
| improved if truly bad people were prevented from doing their
| crimes. But the flip side of that is I can't think of a
| single point in history where some group or action was
| criminalized that later turned out to be something that
| should not have been so. And I don't have faith that we'd
| make nearly as much progress on things without people willing
| to break the law and bring those injustices to our attention.
| krunck wrote:
| Great example! Thanks.
| deathanatos wrote:
| I feel like I'm missing some background. Yes, there's been much
| clamor for forcing use of government IDs recently, but I would
| hardly call any such system "decentralized", given its reliance
| on government ID -- that seems like an inherently centralized
| system.
|
| Is someone calling these "decentralized"? To me, decentralized ID
| is OIDC, which is "being developed" it's mostly not catching on
| at all, in favor of sadly centralized system like "login with
| [Google|Facebook]".
|
| Is there some weird crypto-blockchain-something-something that
| I'm not aware of?
| bawolff wrote:
| I think OIDC is more "federated" than "decentralized"
|
| I have no idea what the bitcoin people mean by decentralized.
| It sounds like PKI with extra steps. _shrug_
| mdavidn wrote:
| OIDC has very much "caught on" in business contexts. Large
| organizations end up with hundreds or thousands of independent
| internal tools, many hosted externally. OIDC and SAML are
| common protocols for centralizing employee authentication and
| governance.
| fiddlerwoaroof wrote:
| It's not really "OIDC", though, because there's so many
| options possible that the standard itself is basically
| useless: you have to implement Google, Microsoft, Okta, etc.
| separately anyways
| jebby wrote:
| OIDC has for sure caught on. I've worked in multiple roles
| where very smart identity-centric people consider it the best
| option.
| bdd8f1df777b wrote:
| In my working context, a "decentralized" government issued
| (digital) ID refers to an identity whose verification does not
| require a connection to the government server (e.g.
| verification is done by public key cryptography). So the
| government always has to participate in the issuance of that
| digital ID, but it doesn't know when and where you have used
| your identity. ISO/IEC 18013-5 is an example of this type.
|
| By contrast, a "centralized" digital ID phones home every time
| it presents and verifies. I don't know any standards, but most
| digital identities in China are of this form.
| hedora wrote:
| Identification based on a Certificate Authority is
| fundamentally centralized.
|
| The CA is a single point of failure that can arbitrarily
| issue or fail to issue an identity certificate.
|
| If you use lots of interchangeable CAs, then it "fails open",
| in that any one CA can issue certificates for everyone.
| That's still a single point of failure.
|
| If you tie the ID to the Certificate Authority (e.g. gmail
| offers certs for gmail addresses), each person still is
| impacted by some single point of failure.
|
| I'd say all these schemes are centralized.
|
| I'd call the things you describe "offline identity
| verification", though there is an additional nuance: the
| scheme could work offline, but still send a log of what
| happens when it reconnects. With that, the privacy properties
| are as bad as online schemes.
| rendaw wrote:
| "Offline" seems like a better descriptor than "decentralized"
| in that case.
| Muromec wrote:
| Government IDs in general are decentralized in a sense that
| there is more than one issuing authority. People really love to
| overbuild capabilities when designing this stuff -- digital
| signing chain of trust, blockchain, contact-less verification
| through nfc or qr codes in a phone. Nobody uses that except
| government itself and most of the time they have the data in
| their demographic database, then still make a paper copy if ID
| and make you sign it so pinning you for fraud is an option
| later.
|
| Everybody else just looks at poorly-photographed jpeg and is
| like "yes, this dude is named like this". Even banks this days
| open accounts without ever touching sacred piece of plastic
| with human hands, let alone scanning it with crypto-mumbo-
| jumbo.
| bawolff wrote:
| Key management & binding keys to identities is one of the hard
| problems in cryptography.
|
| Cryptocurrency and friends really have no bearing on the problem.
| The known solutions are the same as they always were - web of
| trust, pki, tofu, pre-shared keys, or just give up and ignore the
| outside world. All have tradeoffs and are very far from
| satisfactory.
|
| If you take a subpar solution and wrap it in 10 layers of
| cryptocurrency and magical thinking, you are just left with a
| complex version of the same subpar solution.
| aaomidi wrote:
| Yep. There is no silverbullet. All these systems are doing are
| just increasing areas where a vulnerability in logic can
| happen.
| ugjka wrote:
| It must be tied to person's biological features, i don't see
| any other way. Some kind of crypto-bio hash
| hughesjj wrote:
| You can't revoke biological credentials though, at least
| not if you want the holder if those credentials to
| participate in your system
| bawolff wrote:
| Even then you still have problems with revocation.
|
| If someone steals my passport, i tell the gov and they
| cancel the old one. If someone steals your fingerprint, you
| are just screwed.
|
| There are some systems that verify things like bloodflow to
| ensure that the finger belongs to a live person instead of
| a cut-off hand. However then you end up having the problem
| of needing to trust hardware, which is fine for an iphone
| unlock feature but not so fine for this magical
| decentralized web3 stuff.
| ugjka wrote:
| Agreed, i need look more into this
| bawolff wrote:
| Its definitely a really hard problem.
|
| I think fundamentally the issue is you can't create trust
| out of nothing. Once you have something you trust, you
| can use cryptography to extend that trust in all sorts of
| complex ways. However you always need a starting point to
| bootstrap the system.
|
| I feel like there is a big connection between this
| problem and trying to prove things in pure logic.
|
| PKI is basically starting from axioms (i trust the
| following CA's as a starting point)
|
| Tofu is the reflexive property - we know that x=x
|
| Web of trust is some sort of coherence model (in the
| sense of https://en.m.wikipedia.org/wiki/Coherentism )
|
| I think to make real progress on this problem, we need to
| make progress in epistomology.
| MichaelZuo wrote:
| Biological credentials could work even without revocation
| if you use a lot of them simultaneously.
|
| It would be like asking for many usernames that are semi
| public instead of a username and password.
|
| e.g. multiple fingerprints plus iris scan plus voice
| print plus facial scan.
|
| So even if a few get stolen and successfully replicated
| somehow to fool the system into thinking it's a living
| person, it still won't be enough to steal the identity.
| dzhiurgis wrote:
| Do biometrics use actual fingerprints or biometric
| template? I.e. you can revoke template and issue a new
| one?
| Muromec wrote:
| It's fine to trust hardware if you, as a party who
| performs the check, installed and paid for said hardware.
| The problem comes when somebody else has to judge whether
| you performed the check correctly and trust _you_.
| CryptoTotalWar wrote:
| Polykey is an open-source, decentralized secrets management
| solution that uses GitHub as an identity provider (IDP). During
| the initial setup--akin to creating a new digital wallet--users
| authenticate and claim their GitHub identity via the Polykey
| CLI. This step binds their Polykey node to their GitHub
| profile, verifiable through a publicly visible cryptolink
| called a "gestalt identity" displayed on their GitHub user
| profile or gists.
|
| Within the Polykey network, each node can host vaults that
| safeguard sensitive information. By integrating identity
| verification directly into this decentralized framework,
| Polykey enables users to discover, trust, and securely share
| cryptographic keys with other verified nodes. This system
| departs from traditional methods that depend on anonymized
| wallet addresses for user discovery, offering instead a
| mechanism for direct interaction within users' operational
| environments, provided their identities have been linked to
| their nodes.
|
| This approach aims to tackle foundational challenges in key
| management and identity binding. Do you think integrating
| identity verification in this way could improve the management
| and security of cryptographic identities? Are there any
| potential advantages or drawbacks you foresee with this model?
| bawolff wrote:
| Congrats, you reinvented PKI.
|
| If it works for your usecase, great. But lets not pretend its
| any different from the things we were doing in the 90s.
| SgtBastard wrote:
| While being slightly more generous than my sibling comment:
|
| If you've got a peer-to-peer network of information nodes,
| where each person is able to assert information about
| themselves in their node, but the whole trust is based on the
| polykey binding at setup, I see 3 key challenges:
|
| 1) Where's the real world verification of any identity
| attributes stored in the node? 2) How do we detect when/if
| the root key has been compromised, allowing arbitrary new
| vaults and identity attributes to be automatically trusted
| within the network?
|
| 3) How does this meaningfully improve the experience over
| having a CA sign a certificate that contains attributes about
| you? (sibling poster's argument).
| mattdesl wrote:
| having a cryptographic government-backed digital ID could really
| be a great and privacy-preserving feature of modern society. for
| example: ZK proofs are now practical, and could improve upon the
| status quo of sending a digital JPG of a scan of your passport to
| a third party for some arbitrary verification.
|
| The post reads a little bit overblown.
| anonym29 wrote:
| I will never upload photographs of my government-issued photo
| ID for any reason. I will never utilize any gov-backed digital
| ID.
|
| I will go down screaming, fighting, kicking, biting, and faxing
| my tax returns to the IRS, really doing everything lawful in my
| power to drag the whole system to a halt if digital ID gets
| forced on me. I don't care if I have to write a script that's
| going to trade bitcoin 800 times a second on 12 different
| exchanges, I don't care if I have to make my tax return 200,000
| pages long and deliberately reorder the stack so that every
| single sheet is out of order, and it's all in a font that was
| deliberately chosen to be incompatible with OCR systems. If the
| US government will let me submit my tax returns in Farsi, Urdu,
| or Esperanto, or some other obscure language that the IRS would
| need to hire someone to translate, I will, just to add all of
| the absolute maximum pain, inefficiency, and suffering into
| this process.
|
| Keep pushing this shit on people who don't want it. Malicious
| compliance is like reflected DDoS attacks with huge asymmetric
| I/O sizes: I alone can easily force the government to waste
| 10,000+ hours of effort for each hour I put in, and what's
| more, I can and will write tutorials, open source all of this,
| and advertise it everywhere if digital ID does get forced on
| society.
|
| Problem with this? Stop pushing digital ID or start pushing to
| let me renounce my American citizenship without posessing
| another citizenship.
| mattdesl wrote:
| Digital ID that I'm describing would be a way to _avoid_ the
| current awful status quo of uploading your passport online
| (which, in the UK, has become common for things like banking,
| immigration, and other services). I'm not sure what your
| issue is.
| michaelt wrote:
| I'm not sure that would work all that well to be honest.
|
| Seems to me, the whole reason ID cards have photos on is
| because they get lost/stolen/borrowed all the time.
|
| Even if the government had the inclination to run a big
| national IT project so I could use zero knowledge proofs to
| verify my age for pornhub by scanning my driving license NFC
| chip, they'd _still_ end up needing a webcam face check to make
| sure I wasn 't some kid using dad's driving license. At which
| point the privacy angle becomes a joke anyway.
| ranger_danger wrote:
| Yes but having a fake card is an entirely different animal to
| deal with.
| megadal wrote:
| This entire article is just wrongly conflating Verifiable
| Credentials (VCs) with DIDs and then citing those false
| conflations as weaknesses of DID.
|
| > If decentralized ID is just an extension of the existing
| government ID system, it provides neither privacy nor financial
| inclusion.
|
| VC is a spec built on top of DID, in no way shape or form is VC
| required for DID.
|
| This statement alone shows the author doesn't understand (or is
| intentionally misrepresenting) the relationship between DID and
| VC (which is kind of crucial to write an entire blog post on
| either topic)
| megadal wrote:
| Also, the other points made aren't the reason VC was conceived.
|
| > And just like the existing system, it continues to exclude
| millions of people who can't get government ID
|
| VC is a technology for convenience, not solving social
| problems. It's basically just to enable technologies like Tap
| to Pay but for your Gov IDs.
|
| E.g. rather than having to carry your drivers license you just
| carry your phone. It's almost as if the article misses the
| entire purpose for which VC is designed (but then again, what
| can one expect when they're criticizing DIDs yet -actually-
| talking about VC throughout the entire post)
| krunck wrote:
| I reject any system that will require me to carry a phone.
| Phones are expensive, brittle, and annoying. Biometric is far
| better.
| filleokus wrote:
| I'm reading the article as essentially saying "decentralised ID's
| dosen't solve anything".
|
| If you have them "backed" with governmentally issued ID's, they
| allow the government ID monopoly to continue (with all its
| claimed faults). If they are instead completely separate they
| will not be considered "valid" in most situations where ID's are
| required.
|
| Then the author warn against the whole idea of having one,
| single, strong identifier connected to your person at all, and
| urges for the option of creating multiple identities.
|
| In almost all circumstances where identification is required, the
| whole point of requiring ID falls apart of you can create a new
| one whenever you want. We can of course argue that the whole
| surveillance society is wrong. KYC requirements, no fly lists,
| credit scores etc, but any proposed system need to have these in
| consideration or forever only be applicable in niche
| environments.
|
| Feels like DID is just keybase.com (pre coin-spam and zoom
| acquisition) or pgp.mit.edu wrapped in a pyramid scheme.
| kiitos wrote:
| Identity (in any meaningful sense) must always delegate trust to
| some kind of issuing authority. If for no other reason than
| because any humane system must always accommodate users who
| forget their passwords, lose their private keys, etc. Key-pairs
| are ephemeral device tokens, they are not sources of identity.
|
| KYC is in no way any kind of problem that needs to be fixed, it's
| a necessary and Actually Good feature of any sufficiently broad
| financial system. Avoiding KYC-type stuff may make sense in the
| small, but is actively harmful in the large.
| crooked-v wrote:
| More important, I think, is that the issuing authority is also
| legally obliged to actually give a shit, or else you just get a
| repeat of the current state of affairs where, for example,
| forced 2FA and no customer support means homeless people get
| locked out of all their accounts every time a device fails or
| is stolen.
| vintermann wrote:
| Yes, and if there's any easy way to recover from that, then
| implicitly the identity system can't be used to prevent Sybil
| attacks/spam, since it would be easy to make a new account
| when you _didn 't_ lose your keys too.
|
| But the article suggests that relying on government issued
| IDs as a base lets government track all that we do. That's
| not the case, and is the point with all these systems. It
| should be possible for instance, using cryptography, to make
| a distributed chat room service where it's public who has
| signed up for a chat room, but not who of the posters in it
| are who.
|
| To be able to selectively prove your identity, including
| connection to the government-accountable you, without
| directly involving the government or even anything licensed
| by the government, would make us more free online, not less.
| brabel wrote:
| That's one of the big reasons why the EU is avoiding using DID.
|
| The author seems unaware that DIDs are now removed from the
| latest specs from the OIDC Working Group and EU's eIDAS.
| j_san wrote:
| Do you have any links where one can read about the removal of
| DIDs?
| brabel wrote:
| Just to clarify: DIDs are not removed from the basic OIDC
| specs (at least yet!), they're just no longer being
| considered by the high assurance profiles and EU work as
| they were deemed unsatisfactory for a lot of reasons,
| including those OP criticizes (but also due to other basic
| things like citizens not being able to replace lost
| "documents" - normally keys - which is a must-have for any
| serious, widely used identity solution).
|
| I suggest you start here: OpenID for Verifiable Credentials
| - Overview (https://openid.net/sg/openid4vc/)
|
| There's a link there where it says: "European Digital
| Identity Architecture and Reference Frameworklists OID4VCI,
| OID4VP and SIOPv2 as required for certain use-cases"
|
| The basic specs still have DIDs and the w3c VC model, but
| they're moving away both of those, as it seems... notice
| how all links to other specs are currently to ISO specs
| instead:
|
| "The following draft ISO standards reference:"
|
| - draft ISO/IEC TS 23220-4 profiles OID4VP to present mdocs
|
| - draft ISO/IEC TS 18013-7 profiles OID4VP to present mDLs
| (mobile driving licence)
|
| - draft ISO/IEC TS 23220-3 profiles OID4VCI to issue mdocs
|
| The initial page has a tab with links to the specs...
| here's a direct link to the main Verifiable Credentials
| spec (Editor's Draft with latest changes - this can be
| updated at any time still):
|
| https://openid.github.io/OpenID4VCI/openid-4-verifiable-
| cred...
|
| This spec still supports formats which require the use of
| DIDs, but none of these formats are being used by the
| financial-grade profiles or by the EU's initiatives anymore
| (the whole ebsi thing seems to be a dead end).
|
| That basically means there will be two very separate
| worlds: one where DID, w3C and blockchain technologies are
| used, and another one where OAuth, OIDC, mdocs are used
| (the one favoured by the EU and financial profiles, e.g.
| the high-assurance interoperability profile says that keys
| must be resolved from OIDC well-known metadata endpoints:
| https://openid.net/specs/openid4vc-high-assurance-
| interopera...).
| logicchains wrote:
| >Avoiding KYC-type stuff may make sense in the small, but is
| actively harmful in the large.
|
| No, it's a trade-off. No KYC makes it possible for people to
| lose their identity, but it's also the only way to guarantee
| full privacy/anonymity, and to make it so the identify-provider
| doesn't have the power to de-platform anyone. Historically
| speaking, governments and corporations silencing dissidents has
| done far far more harm to humanity than people losing their
| accounts due to forgetfulness etc.
| cateye wrote:
| There is a logical error in this statement:
|
| "governments and corporations silencing dissidents has done
| far far more harm to humanity than people losing their
| accounts"
|
| People can not loose their accounts, because they are
| governed which makes silencing possible.
| non-chalad wrote:
| Bureaucratic malfeasance, error, or just plain bad luck,
| can loose people their accounts, even with government not
| silencing them.
|
| e.g. a fly landing on a sheet of paper, blocking the print
| head long enough to generate "Tuttle" from "Buttle",
| resulting in a long chain of violent events for some
| unassuming individual...
| denton-scratch wrote:
| > Key-pairs are ephemeral device tokens, they are not sources
| of identity.
|
| If you take "identity" to mean "the same thing", then you can
| certainly use a key-pair to show that two documents were signed
| by the same signing key. Of course, the owner could have lost
| control of their private key, but that could happen to
| government-issued ID as well.
|
| If you want "identity" to mean "official persona", then there
| can only be one of those per person, which means government-
| issued. I think government ID should only be used for
| interacting with government; online purchases shouldn't rely on
| government ID.
|
| Banking is awkward. To get a bank account, you usually have to
| produce government ID. But then the bank issues you with a
| bank-issued ID, which is effectively just a proxy for your
| government ID. It's weird because banks are not part of
| government, but they have quasi-governmental obligations, e.g.
| KYC. Even government departments do this; to sign up for self-
| assessment with HMRC, I have to prove I am who I say I am with
| government ID; but then HMRC issues me with an HMRC ID. That is
| nuts.
|
| I want to be able to have multiple IDs that are not linked. I
| shouldn't have to give government ID to make an online
| purchase. And I shouldn't have to risk exposing my purchase
| history when I sign a post to an online forum. It's perfectly
| legal (here, at least) to have multiple real names; for
| example, I mainly go by my nickname, which doesn't appear on
| any official document. Online identity should mirror that.
| non-chalad wrote:
| > I want to be able to have multiple IDs that are not linked.
| I shouldn't have to give government ID to make an online
| purchase
|
| But how will your benevolent rulers be able to socially
| gamify your behaviour and direct who gets to interact and
| mate with you? If social credit systems are to work, we need
| KYC and centralized ID.
| denton-scratch wrote:
| > If social credit systems are to work, we need KYC and
| centralized ID.
|
| I think we need KYC. That doesn't mean centralized ID. As
| far as social credit systems is concerned, I take it you
| are being humorous, but I don't think there's much that's
| amusing about "social credit".
| non-chalad wrote:
| Only the seller and buyer need to know each other.
| Anything beyond, is shoe-in for tyranny.
| hooverd wrote:
| I think your Reddit score should count towards it.
| MichaelZuo wrote:
| The second part of your post seems to contradict the first
| part, if it's not linked to the government ID how can anyone
| know if it's the bonafide original and unique persona? And
| not some duplicate?
| denton-scratch wrote:
| > the bonafide original
|
| If you take "the bonafide original" to mean the government-
| issued ID, then obviously only the government-issued ID is
| boner-fido. But there's no reason why that should be my
| only ID; I could, for example, generate my own keypair, and
| hire a notary public to attest that the holder of the
| keypair is (select any):
|
| [] Good for ten-grand
|
| [] Older than 18/21
|
| [] The person shown in the accompanying (signed) photo
|
| [] The author of xyz.blog
|
| [] The same person as government-ID xxxxx
|
| Only the last needs to be linked to a government ID, but
| all the others are authentic, bonafide attestations.
|
| And such an ID would not be a duplicate of anything (not
| sure why you mentioned duplicates; passports, bus-passes
| and driving licences can all be duplicated).
| Evidlo wrote:
| > then obviously only the government-issued ID is boner-
| fido
|
| Never heard of it. Is it an extension of FIDO2?
| denton-scratch wrote:
| It's a deliberate mis-pronunciation of "bona-fide" that I
| snagged from the comedian Dawn French.
| MichaelZuo wrote:
| Let's say someone is 22, how can they credibly attest to
| being older than 18/21 without referring to some sort of
| government record?
| denton-scratch wrote:
| Distinguishing a 21-year-old from a 22-year-old without
| resorting to government records is a challenge, I agree.
|
| They could produce their parents, or any witness of their
| birth.
|
| They could (if they were born wealthy) produce a
| hallmarked silver spoon engraved with their name. Not
| proof, but persuasive.
|
| They could produce their 21-year-old younger sister, who
| has government ID (yeah, I know, that is a resort to
| government ID).
|
| Best of all: they could produce a birth certificate,
| signed by a doctor (not itself government ID, just a
| prerequisite to getting a government ID).
| jjgreen wrote:
| In 20 years, a 40 year old will need ID to buy cigarettes
| in the UK ("well you say you're 40, but maybe you're a
| mature 35 year-old").
| jMyles wrote:
| > Identity (in any meaningful sense) must always delegate trust
| to some kind of issuing authority. If for no other reason than
| because any humane system must always accommodate users who
| forget their passwords, lose their private keys, etc.
|
| Web of trust protocols are a decades-long solved problem
| (albeit without a prevailing deployment yet). It seems like
| your comment is meant to be quietly denigrating toward them (or
| do I have that wrong?). May I ask why?
|
| It seems like eventually a web of trust model is going to arise
| and win over a critical mass.
| nearting wrote:
| Even in a web of trust, you're delegating trust to someone
| that you treat as an authority. Especially in practice, where
| the long-term outcomes of webs of trust tend to be either (1)
| the scale is nowhere near sufficient due to the effort
| involved in verification, or (2) you end up de facto trusting
| some authorities who can provide that scale, at the cost of
| the identity verification being less meaningful. Sure, it
| might be easier to cut off or reroute trust if things go
| south, I don't see us reaching a critical mass for a
| significant scale any time soon.
| Joker_vD wrote:
| > But why do you need to verify a name? Why not take someone at
| their word, and allow them to choose what name they want to use?
| Why do all actions need to be linked to a single persistent
| physical identity?
|
| Why indeed.
|
| There is an adventure novel "The Count of Monte Cristo" in which,
| as a small subplot, two ex-convicts are made to pose as Italian
| nobility in the Parisian upper society. Of course, nobody would
| believe such claims just on their own word _for obvious reasons_
| , which is why an "introduction to the society" was a custom. It
| still could be faked, of course, which is exactly what happened.
|
| Also, why link it all to a single persistent physical identity?
| Because, no matter how many digital identities you use, you are
| still a single physical person, and it's actually noticeable.
| ggm wrote:
| The count gives both of them a significant line of credit:
| money overcomes much suspicion of this pair. Their assumed
| identities are a weapon, and I do not think the scam they are
| parties to helps your case.
| Joker_vD wrote:
| Well, "their assumed identities are a weapon" is precisely my
| case, and I don't even argue that G.I. identification is
| actually that great of a solution.
|
| The con tricks are as old as humanity, even if they take
| different forms in different eras, but the ground problem is
| the same: if someone approcaches you and claims to be e.g. an
| important noble named such and such from the overseas, they
| could very well be telling truth--or they could be lying,
| _and there is almost no way to tell_ for certain, even though
| there are some good heuristics (their wealth is one, as you
| allude to).
| ggm wrote:
| People believe in them because the count backs them. It's
| totally facilitated by the count. He's like a corrupt CA
| signing the diginotar certificate
| Joker_vD wrote:
| Byt why did people believe the count? IIRC, he had pulled
| some quite elaborate scheme to get the recognition and
| respect in the Paris, and he was also introduced there by
| Albert de Morcerf.
| caporaltito wrote:
| I think "The state won't give up its monopoly on identity" is the
| most violently american sentence I read in the whole year.
| bhawks wrote:
| I am who they say I am.
|
| Who gets to choose the they?
| soco wrote:
| If you choose to request and receive "their" services then
| "they" get a say. Thus, if you use stuff like roads, schools,
| ambulances, airports, insurances, or the police, then you are
| part of the society. Of course you can retreat in a forest
| and use none of those, then you have a valid point in
| rejecting central authorities, but only then.
| bhawks wrote:
| Now I need to have an ID to bike down a road, ride a bus,
| report a crime?
|
| Do they also have a right to build a database of every time
| I utilize my ID? What's stopping them?
|
| I think there is already a large group of people who would
| prefer to live in a society without ceding that much power
| to a centralized authority.
| RandomLensman wrote:
| Any ID system that isn't just totally run be each
| individual themselves is ceding power to someone.
|
| Whether you need an ID to do certain things or are
| tracked doing certain things is also a very separate
| issue.
|
| What is stopping "them" is that "them" in liberal
| democracies (as a technical term) isn't free to do
| whatever they please nor beyond control/recall/etc. If
| you want to live in a society, there will be rules,
| implicit or explicit, on how people interact, delegate,
| etc.
| raverbashing wrote:
| together with "I'm only traveling" and appearing on some YT
| video on roadstops with predictable but hilarious consequences
| Affric wrote:
| It's a reference to Weber.
| xcdzvyn wrote:
| I understand its shallow of me, but I stopped reading exactly
| here.
|
| Your government needs to know who everybody is. That means
| illegal immigrants can't get drivers licenses, and that's kind
| of the point.
|
| > Even IDs for undocumented people (such as Californian AB 60
| driver's licenses) require a foreign passport, national ID card
| or birth certificate, and can't help people who have no state-
| issued identity documents at all.
|
| > This existing ID system is harmful, inaccessible and a single
| point of failure
| BlueTemplar wrote:
| > Unfortunately, it is unlikely that the state, who forces
| government ID regulations onto businesses, employers, landlords
| and healthcare providers, will accept web-of-trust vouches or
| biometrics as "proof of identity".
|
| Having looked into it a little bit, web of trust (in the word of
| mouth / paper form) is already a legal proof of identity.
|
| It was legalized again after WW2, and government ID made optional
| again rather than mandatory, because the people that forced
| mandatory IDs on everyone were literally the Nazis. (Related
| previous history : factory owners and workers.)
|
| So looks like it's a matter of preservation of fundamental rights
| to insist on using web of trust rather than ID... and most
| specifically a question of everyday(ish) practice, so the
| question is how to best push back against the normalization of
| mandatory IDs ? (In which countries can you sue an administration
| / a business for refusing to work with you because you refused to
| provide them an ID ? Does it need to be escalated to civil
| disobedience and laws changed ? Other options ?)
|
| Of note : this is perhaps only a step in the "Police State-
| ification" of our societies. At some point, you didn't have a
| fixed first name / surname / address. But then (for instance)
| Hausmann demolished your neighborhood, made one more legible to
| the state instead, and next time the (Paris Commune) riots
| happened, they failed. It also made you easier to tax, but also
| brought better sanitation and "foreign" firefighters and
| ambulance drivers could actually quickly find you. The question
| is : how much (by definition, unnatural) state legibility is too
| much, how little is too little, and how to maintain homeostasis
| in the right range ?
| alfiedotwtf wrote:
| Can't we just go back to drawing a squiggle on a piece of paper
| where the verifying party kind of just eyeballs it and if it's
| good enough (if they even looked at it in the first place), then
| it's authenticated.
| vinay_ys wrote:
| > With a web-of-trust, friends or family could vouch for your
| name, age or location; landlords could vouch for your address;
| employers could vouch for your skills; customers could vouch for
| businesses; and so on. As it doesn't rely on government
| databases, but rather the people you know, it is truly
| decentralized and accessible.
|
| This is literally how it works in majority of the real world;
| except for things where government has a role to play; most
| common case is taxes. If you are a landlord and collect rent from
| tenant and if either of you want to make tax related claims to
| the government, then you will have to provide/quote each other's
| government recognized identity in your tax returns.
|
| For large parts of the population in the lower socio-economic
| strata, even this won't be relevant. And that reliance on that
| web-of-trust is the problem for them due to class discrimination
| etc. Hence, having a government issued identity (as a universal
| right) which acts as an anchor to which trusted attestations can
| be attached to is critical to make a difference in the life of
| the last person in that socio-economic line.
|
| This is in essence the basis for India's identity system
| Aadhaar[1] - which is super minimal identity system - just
| biometrics (fingerprint, iris scan, head/shoulder photo, gender)
| - mapped to a a 12 digit number (basically a unique key in its
| database); plus 3 additional demographic fields - name, age (date
| of birth), address - which require external anchor proofs (which
| are very weak proofs). Here's the full list of accepted proofs -
| https://uidai.gov.in/images/commdoc/valid_documents_list.pdf
|
| 1. https://uidai.gov.in
| jgeada wrote:
| Why do people keep (deliberately?) confusing identity with
| authentication (and authorization)?
|
| 1) Identity is not supposed to be a secret, it is merely who you
| claim to be. It is no more secret than someone's name. Somewhat
| similar to the public key in a public key cryptosystem.
|
| 2) Authentication is the proving that who you claim to be is
| actually who you are. Many systems fail or don't even perform
| this step. Failure to do this causes wrong attribution of
| problems, it is why identity theft is not a failure of the victim
| but of the provider: a bank just took identity as if it was
| authentication and gave an unauthenticated user invalid access
|
| 3) Authorization: does the person who we've authenticated to be
| the person they claim to be actually have permissions to do what
| they're attempting to do. Not everyone with legitimate access to
| a system has the authorization to do everything. For example,
| maybe you can read a file, but not modify it.
| from-nibly wrote:
| I dont want my identity to be public. Its not like a public key
| at all.
|
| My weight, height, eye color should only be as public as i make
| it. Thats all part of my identity.
| kkfx wrote:
| Ehm... Actually "problem 2" is not a problem but a feature, at
| social level, and unfortunately some states start to think
| allowing private companies to give identities (for driving
| license or ID cards or "just" digital identities) to citizens-
| users.
|
| A democratic State is owned by their Citizens, formally at least,
| so only Citizens can identify other Citizens. Not really a
| monopoly but a safeguard not to be bannable by Google ID because
| some "terms violation" with no appeal.
|
| For really decentralized systems the classic chain-of-trust model
| is more than enough IF people really invest in it.
___________________________________________________________________
(page generated 2024-04-22 23:02 UTC)