Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
5- 5 days ago

why wouldn't an identity/age verification scheme that blinds both sides work?

e.g. a site wants to have some proof of identity. it generates a token and sends the user with it to a government service. the service verifies the user's identity, signs the token and sends the user back.

now the site knows that the government service has verified the identity (and relevant characteristics, like age threshold), but doesn't know the identity. the government service obviously knows the user but doesn't know the online account tied to the identity. this can be further separated by using a middleman authentication provider, so that even the site identity itself doesn't reach the government.

am i missing something obvious why that wouldn't work?

xnacly 5 days ago | parent | next [-]

It wont work because gov has no interest in not knowing which service the user is trying to authenticate themself to, it is in its interest to connect these informations. We see exactly these attempts every 2-4 years in the eu parliament.

5- 5 days ago | parent [-]

i suspect it's a matter of how you sell the idea of this service to the governments.

i agree that the usual overreach will stand in the way, but i feel (perhaps wrongly) that the idea hasn't been pitched in earnest.

crowbahr 5 days ago | parent | prev | next [-]

You mean like the DiD w3 spec? https://www.w3.org/TR/did-1.0/

It's not _double_ blinded but it allows end users control over information shared and has proof of ownership built into it.

throwaway290 4 days ago | parent | prev [-]

it works (ZKP, DID) and some countries do it (https://www.forbes.com.au/news/innovation/why-the-future-of-..., Germany too allegedly)