Here we’ll quote the noted advocate of decentralization, Lawrence Lundy-Bryan, who proclaims
Everyone wants
privacy
for
themselves
And
accountability
from others.
Right?
We all need Accountable Anonymity.
We all need to be able to assert our identity without disclosing our identity.
And the identity needs to be reliable – not just self-asserted. You need someone to attest that you can rely on my claim of identity.
Relying parties aren’t just banks and ecommerce sites; you and I are also relying parties.
But… doesn’t that call for attestation by authority?
And authority means centralization, right?
If you think about it, isn’t that self-evident? The things we use in our daily lives, including software, may work OK as disconnected widgets, but if governance is a do-your-own-thing matter, well, that’s simply not governance.
As John Donne reminds us, “No [one] is an island.” The whole point of an identity system is to allow us to represent ourselves in society, that is, other people we want to interact with.
So… how can we have identity that works like your car’s license plate, which makes you accountable on public roadways – but where no one gets to know your identity unless you choose to disclose it or they have a valid legal claim to know it?
Actually the system needs to be better than the license plate system. It needs to be designed so that the centralized authority doesn’t even have the information that identifies people – so for example despots can’t know the identities of their critics.
The Internet of People protocol
Here’s how the Internet of People protocol works:
Enrollment is performed by Attestation Officers, who are specially trained RONs (Remote Online Notaries) who assume criminal and civil liability when performing an enrollment interview with affidavit, then issuing a CSR (certificate signing request) to the CA. The CA retains only the certificate’s public key and serial number. If the despot wants to know the identity of a user who has publicly criticized them, they’ll need to produce a court order from a Geneva court. The court order is then forwarded to the Attestation Officer who is responsible for keeping that user’s identity records. There are many Attestation Officers, and they are in a jurisdiction that is unlikely to be under the authority of the despot. The CA server itself is located in Geneva. Thus a legitimate request may be honored by the Attestation Officer if a valid case is made in the court order; otherwise it will not be honored.