It is hard to understand the argument here. PKI is not identity.
Why is there a PDF of your identity card, and why is it encrypted? Surely nothing publicly visible on the identity card is private information.
Private identifiers on citizens would not be very useful.
It seems like a lot people here are confused as to what is an identifier and what is authentication. An identifier uniquely identifies someone (the uid), while authentication is the way to prove identity (the password). One is normally public while the other has a secret component to it.
Perhaps unwittingly, you just described PKI. Two keys: one is public and identifies someone (or something), and the other is private and can be used to prove your identity.
Encrypting with the public key can be done by anyone, but only the private key can decrypt. This allows encrypted communication.
But encrypting with the private key can only be done by someone with the private key. It can be decrypted by anyone, but only using your public key, thus proving your identity; or more accuractely, this proving you have the identified party's private key. So I ask you to encrypt some random OTP to prove your identity. Then I decrypt it with your public key to test your proof. This is how cryptographic signatures work.
Government-issued identification seems an obvious application of PKI.
PKI can be an important part of a system to authenticate your identity, but for that to work you need an identity to start with. You seem to need some sort of identity for a society to scale. Large countries tries to function without, and the result is ad-hoc identity systems instead.
A public key can be an identity, it's a perfectly workable outcome of Zooko's triangle, but it's not a very useful one for most use cases.
The article is about using phone numbers to uniquely identify people and the problems that brings.
Estonia's PKI is basically identity. Yes, you could build something on top of the public Personal Identification Number, but no reasonable provider accepts that as the username - it is a person using the certificate stored on smartcard/smart SIM(/phone) to identify and authenticate at the same time.
> It seems like a lot people here are confused as to what is an identifier and what is authentication.
I'd say it's you who can't fathom that the two things can work together and only together in some cases.
Pdf is so that Authorities do not need to print & deliver card at home( they take 20-90 days for that). They say people can download & print it as & when required.
Not all systems are online/electronic. Although explicitly prohibited, banks keep a paper copy of Aadhar & so do courier delivery, passport etc. Only mobile companies this year have done away with keeping a photostat. Law is, bank or mobile or any ask aadhar number, authenticate the request, fetch required data & store that resulting Boolean.
>It seems like a lot people here are confused as to what is an identifier and what is authentication. An identifier uniquely identifies someone (the uid), while authentication is the way to prove identity (the password).
The problem is how the average person working in the bureaucracy will see this, not how a smart programmer like you on hackernews would see it.
The world is full of average people doing average mistakes in average bureaucracies. Everything that can be abused, will be abused.
Why is there a PDF of your identity card, and why is it encrypted? Surely nothing publicly visible on the identity card is private information.
Private identifiers on citizens would not be very useful.
It seems like a lot people here are confused as to what is an identifier and what is authentication. An identifier uniquely identifies someone (the uid), while authentication is the way to prove identity (the password). One is normally public while the other has a secret component to it.