Yes, the idea of the physical ID card they discuss makes a lot of sense, however that has the problem of associating your device with your ID.
When it gets to cloud hosting the personal data and an intermediary validation service that’s where I get skeptical.
All this said, in the US there are private services that validate physical ID cards using the codes on the back or a scan of a photo of the ID, so clearly the information has already been made available to private industry from the government through some channel.
Absolutely, C is the weak link. There are ways to mitigate that, though. Like I said, there’s no need for a server. The intermediary can and should be all local.
As for cloud backups, there’s no reason to keep a log of requests, so there shouldn’t be anything to back up, other than the certs themselves. Even if there is though, that’s in the user’s sphere of influence. De-googling is becoming more and more popular, and there’s nothing preventing you from disabling cloud backups.
All this is just to take it back to my original point: The idea has some great benefits, but the implementation matters immensely
Yes, the idea of the physical ID card they discuss makes a lot of sense, however that has the problem of associating your device with your ID.
When it gets to cloud hosting the personal data and an intermediary validation service that’s where I get skeptical.
All this said, in the US there are private services that validate physical ID cards using the codes on the back or a scan of a photo of the ID, so clearly the information has already been made available to private industry from the government through some channel.
Absolutely, C is the weak link. There are ways to mitigate that, though. Like I said, there’s no need for a server. The intermediary can and should be all local.
As for cloud backups, there’s no reason to keep a log of requests, so there shouldn’t be anything to back up, other than the certs themselves. Even if there is though, that’s in the user’s sphere of influence. De-googling is becoming more and more popular, and there’s nothing preventing you from disabling cloud backups.
All this is just to take it back to my original point: The idea has some great benefits, but the implementation matters immensely