| ▲ | Galanwe an hour ago | |
I don't quite get your point. The signer is blind to what it signs, but that does not mean there is no identity per se. A signed key is still unique. - You can still check that user 1 and user 2 don't use the same key. - You can still issue a challenge to the user every 10 days to make sure he has indeed access to his key and not just borrowed it. - You can still enforce TPM use of said keys, so that they cannot be extracted or distributed online, but require a physical ID card. - You can still do whatever revocation system you want for the cases when a key is stolen or lost. Really the "blind" nature of the signature changes nothing to what you would normally do with a PKI. | ||
| ▲ | Aurornis an hour ago | parent [-] | |
You're only describing a half-blind system. If the site you send your information to gets a uniquely identifying piece of information, that's not blind to your identity. > - You can still check that user 1 and user 2 don't use the same key. The systems described elsewhere in the thread give people a set of signatures that can't be traced back to their source. | ||