Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I'm curious, if you think that this big problem has a simple solution, why do you think that the solution has not been widely adopted?


I can only speculate but I've given a lot of thought to this problem and:

1. nobody has suggested it as an alternative; nobody wants to completely get rid of the system we have now. PKI requires electronics to create and verify signatures created with the keypairs.

2. Because financial institutions do not care and it's not their prerogative. The social security administration is not responsible for people's credit reports and as far as their concerned their is no problem.

3. People are afraid to try new things and new technology and it's up to the government to see that it's done correctly. Theoretically a problem could arise from somebody making a business out of "keeping track of your private key for you" which negates the purpose entirely.

4. People are lazy, and not everybody cares and doesn't necessarily speak to the benefit of people who don't care about their credit or their identity which is why I say it should be an option.

5. If cryptography fails, then the whole thing is pointless. But, I think most people will agree if cryptography fails we will have much bigger problems.

The solution I have in mind is similar to what I've seen with "paper bitcoin wallets" where you have two QR codes: a public and a private key. Imagine a social security card with two QR codes. When you create a bank account, or when you get a state id or something you can get another set of qr codes, that have a record of signatures provided by a state department's private key or that of a financial institution along with a signature provided by your social security card. With your new set you can safely put away your social security card. The idea being, signatures can represent business and billing agreements as well as establishing an identity chain similar to how PGP's web of trust works. Anyone can have your public key, you just have to keep your private keys safe. Even if somehow you stupidly manage to screw this up, it's not that hard to start over. People lose social security cards now and they have to be re-issued. They just have to come up with the system for it and start doing it.


Because user-first nym systems would solve the problem for consumers, not the surveillance stakeholders. Once again, if you're not the customer, you're the product.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: