I think fundamentally the issue is you can't create trust out of nothing. Once you have something you trust, you can use cryptography to extend that trust in all sorts of complex ways. However, you always need a starting point to bootstrap the system.
I feel like there is a big connection between this problem and trying to prove things in pure logic.
PKI is basically starting from axioms (I trust the following CAs as a starting point).
TOFU is the reflexive property - we know that x=x.
Web of trust is some sort of coherence model (in the sense of https://en.m.wikipedia.org/wiki/Coherentism ).
I think to make real progress on this problem, we need to make progress in epistemology.