upvote

points

by nly10 hours ago |
comments
upvoteby stymaar10 hours ago|
[-]
> On the internet this involves some kind of video recording being sent to some agency somewhere being paid a fee, who may later be asked to prove the efficacy of their service. This agency needs a digital copy of the photo from your ID for matching purposes.

That's why I'm talking about an “Id card” using Zero-knowledge proofs in a cryptographic chip, not using a paper ID with your picture on top…

reply
upvoteby nly10 hours ago|
parent|
[-]
Doesn't matter!

You still need to send a digital image from the id, signed by an authority, saying "this person is 18"

You then still need a trusted ID service or algorithm to capture an image of the user _at the time of use_ to compare that to.

Just having access to your digital ID credentials proves nothing

The zero knowledge proof only helps prevent tracking between the ID service and the website you're logging into. This is valuable but requires standardisation and client side support, which doesn't exist.

All the time the client side is implemented by JavaScript served from the server side you're just trusting these parties to behave and not snoop

reply
upvoteby stymaar9 hours ago|
parent|
[-]
https://en.wikipedia.org/wiki/Zero-knowledge_proof
reply
upvoteby nly9 hours ago|
parent|
[-]
Yeah...I'm fully aware what a ZKP is..you're just missing the point.
reply
upvoteby stymaar9 hours ago|
parent|
[-]
Why did you write that then:

> You then still need a trusted ID service or algorithm to capture an image of the user _at the time of use_ to compare that to.

> Just having access to your digital ID credentials proves nothing

reply
upvoteby nly5 hours ago|
parent|
[-]
Because it's accurate?

If I have access to your digital ID I shouldn't be able to impersonate you anymore than I should be able to fly using your passport.

Your passport is useful not just because it's difficult to forge, but because border control is a thing.

reply