beambot 8 hours ago

Personal Identity Verification (PIV) and Common Access Card (CAC) credentials used by US government & military via NFC already work on web browsers. States should just move to digital IDs stored on smartphones, with chain of trust up through the secure element...

drnick1 5 hours ago

This is extremely dangerous, and would only work with hardware/software that is nonfree (i.e., not under the user's control, or any attestation could be spoofed).

beambot 36 minutes ago

This is effectively PKI for personhood. The State DMV acts as the Certificate Authority (CA), signing a "leaf certificate" that is bound to the device's hardware Secure Element.

It’s less like a TLS handshake and more like OpenID for Verifiable Presentations (OID4VP). The "non-free" hardware requirement serves as Remote Attestation—it allows a verifier to cryptographically prove that the identity hasn't been cloned or spoofed by a script. The verification happens offline or via a standard web flow using the DMV’s public key to validate the data signature, ensuring the credential is authentic without requiring a phone-home to the issuer.
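The offline check described in the comment above, as an added example that is not part of the thread or of any real wallet or OID4VP implementation: the issuer signs the claims together with the device public key, and the verifier checks that signature plus a device signature over its own fresh nonce. The type and function names, the Ed25519 choice and the `Claims || DeviceKey` encoding are assumptions, and the sketch assumes the device private key never leaves the secure element (hardware attestation itself is not modelled).

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Credential: issuer-signed claims plus the device public key they are bound to.
type Credential struct {
	Claims, IssuerSig []byte
	DeviceKey         ed25519.PublicKey
}

// signedBytes is Claims || DeviceKey; the key length is fixed, so the split is unambiguous.
func signedBytes(claims []byte, dev ed25519.PublicKey) []byte {
	return append(append([]byte{}, claims...), dev...)
}

// Issue is the issuer side: sign the claims together with the device key.
func Issue(issuer ed25519.PrivateKey, claims []byte, dev ed25519.PublicKey) Credential {
	return Credential{Claims: claims, IssuerSig: ed25519.Sign(issuer, signedBytes(claims, dev)), DeviceKey: dev}
}

// Verify runs offline: it needs only the issuer public key and the verifier's own fresh nonce.
func Verify(issuerPub ed25519.PublicKey, c Credential, nonce, nonceSig []byte) error {
	switch {
	case len(c.DeviceKey) != ed25519.PublicKeySize: // ed25519.Verify panics otherwise
		return errors.New("malformed device key")
	case !ed25519.Verify(issuerPub, signedBytes(c.Claims, c.DeviceKey), c.IssuerSig):
		return errors.New("issuer signature invalid")
	case !ed25519.Verify(c.DeviceKey, nonce, nonceSig):
		return errors.New("holder binding failed")
	}
	return nil
}

// Scenario (constructed keys and claims): genuine device, copied credential, replayed response.
func Scenario() (genuine, cloned, replayed error) {
	issuerPub, issuerPriv, _ := ed25519.GenerateKey(nil)
	devPub, devPriv, _ := ed25519.GenerateKey(nil)
	_, otherPriv, _ := ed25519.GenerateKey(nil) // a party holding only a copy of the credential
	cred := Issue(issuerPriv, []byte(`{"over_18":true}`), devPub)
	n1, n2 := []byte("nonce-1"), []byte("nonce-2") // constructed; real nonces are random
	return Verify(issuerPub, cred, n1, ed25519.Sign(devPriv, n1)),
		Verify(issuerPub, cred, n1, ed25519.Sign(otherPriv, n1)),
		Verify(issuerPub, cred, n2, ed25519.Sign(devPriv, n1))
}
func main() { fmt.Println(Scenario()) }
```

Only the first presentation verifies; the copied credential and the replayed response both fail the holder-binding check even though the issuer signature on the credential is still valid.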

esseph 8 hours ago

> Personal Identity Verification (PIV) and Common Access Card (CAC) credentials used by US government & military via NFC already work on web browsers. States should just move to digital IDs stored on smartphones, with chain of trust up through the secure element...

I think you're... missing the point of the pushback. People DO NOT WANT to be identified online, for fear of different types of persecution.