| ▲ | lvass 4 hours ago | |
You can maybe, trust the user to handle it's own certificate in their own devices? Though I admit requiring attestation is probably a good default. | ||
| ▲ | Avamander 3 hours ago | parent [-] | |
One important feature of a legal ID is that it's hard to copy, so attestation from the hardware storage would have to be basically mandatory. But yeah, the user could have a choice to this extent. | ||