• maltfieldOP
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    8 months ago

    Hi, author here.

    I didn’t expound on eIDs, but I did link to the Estonian solution, which has been around for more than a decade. It has some issues, but I think it’s a good baseline that’s better than non-cryptographic State auth systems. I’m going to assume you’re talking about the US eID system. I haven’t looked much at the USA’s eID solution, but I wouldn’t be surprised if it’s terribly designed.

    The EU is currently working on an eID system, with the goal to force all Member States to adopt it by 2016. If done wrong, eIDs could be terrible. If done right, it could greatly improve the security & privacy for all. I recommend the Please Identify Yourself! talk at 37c3 about the state of eID legislation as of Dec 2023 (and how to learn from India, who did eID horribly wrong):