• shastaxc@lemm.ee
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    24 days ago

    And you need a central online API to validate the token, like oauth, which means any system using it needs to be connected to the Internet, and that API needs to be very reliable, kept up-to-date, and DDOS resistant.

    Or require the user to enter a PIN like with x509 certs, but then you also need a way for people to reset their PIN when it gets forgotten or compromised which means a huge bureaucratic burden and expense. And between the time of needing a reset and getting it, you’ll be unable to access any services requiring your ID token which will almost definitely cause some people from making payments (if banks change to requiring a digital ID token) and who knows what else.

    There will also be a requirement for hooking this death records in order to disable people’s tokens when they die to prevent identity theft. That’s going to require cooperation from private corporations (hospitals) and the government. I get that this is already done to an extent, but there are likely other processes like this that need to be established for this system to work and it’s not trivial.