You're looking at Less Wrong's discussion board. This includes all posts, including those that haven't been promoted to the front page yet. For more information, see About Less Wrong.

Mark_Friedenbach comments on Open thread, Jan. 19 - Jan. 25, 2015 - Less Wrong Discussion

3 Post author: Gondolinian 19 January 2015 12:04AM

You are viewing a comment permalink. View the original post to see all comments and the full post content.

Article Navigation

Comments (302)
Tags: open_thread

Comments (302)

You are viewing a single comment's thread. Show more comments above.

Comment author: [deleted] 19 January 2015 12:29:04PM 1 point [-]

Giving people an official RSA keypair in their smartcard government IDs is fine. That solves all sorts of problems, and enables a bunch of really cool tech.

Requiring that every public key used in any context be registered with the government, or worse, some sort of key escrow, is a totally different matter.

Comment author: ilzolende 20 January 2015 12:25:25AM 2 points [-]

I was thinking less "everyone must register all their public keys, and you can't have a second identity with its own key" and more "everyone has to have at least 1 public key officially associated with them so that they can sign things and be sent stuff securely." And that Estonian system sounds pretty cool.

Comment author: Alsadius 20 January 2015 04:23:22AM 1 point [-]

What would you estimate the probability of ever having the former without the latter being? Of having that happy state last for more than a few years?

Comment author: [deleted] 20 January 2015 02:46:15PM 3 points [-]

Well the former pretty much describes the current state of affairs. Anyone with a government ID card or national healthcare ID probably has a chip embedded with an escrowed signing key. There's really nothing unique about Estonia here -- they're using the same system everyone else is using. Even if your country, like the USA, doesn't have a national ID of some kind or doesn't have a chip embedded, your passport does. The international standard governing "smart passports" being issued by just about every country in existence for the past 5-10 years includes embedded digital signature capability.

Now I don't really know how to estimate the probability of sliding into the latter case. I don't see them as intrinsically connected however.

Comment author: Lumifer 20 January 2015 06:22:23PM 2 points [-]

Generating private/public key pairs is trivially easy.

Powered by Reddit Powered by Reddit