On 1 May 2016, at 17:22, Nick Hilliard wrote:

> 2. irrevocable tokens (e.g. biometrics in national ID cards) as trust
> credentials on the Internet.  One of the centre-pieces of trust is that
> it can be revoked.  If something cannot be untrusted, it should not be
> trusted in the first place.

Note though that this conclusion of yours, which I agree with, does not imply 
revocation lists must exist. It might be that the time to live on the 
validation one does is short. After that, it must be validated again (which might 
fail). This specifically works if the one handing out the "positive validation 
token" can say for how long it is valid.

I.e. for me the first mistake in design of trust systems is to think one can 
use irrevocable tokens. The second that revocation lists work.

But that is an implementation issue of the major issue you bring up -- which 
once again I agree with.

   Patrik
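
The short-lived validation described in the message above, sketched as an added example that is not part of the original email or of any system it discusses. It assumes the issuer and the relying party share an HMAC key; the names `Issuer`, `validate`, `untrust` and `verify` are hypothetical.

```python
import hashlib
import hmac

class Issuer:
    """Hands out positive validation tokens and chooses each one's lifetime."""
    def __init__(self, key: bytes):
        self._key = key
        self._untrusted = set()  # issuer-internal state, never distributed

    def untrust(self, subject: str) -> None:
        self._untrusted.add(subject)

    def validate(self, subject: str, now: int, ttl: int):
        """Return 'subject|expiry|tag', or None when validation fails."""
        if subject in self._untrusted:
            return None
        body = f"{subject}|{now + ttl}"
        tag = hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()
        return f"{body}|{tag}"

def verify(token: str, key: bytes, now: int):
    """Relying party: subject if the token is authentic and unexpired, else None."""
    try:
        subject, expires, tag = token.rsplit("|", 2)
        expires_at = int(expires)
        body = f"{subject}|{expires}".encode()
        given = tag.encode()
    except ValueError:
        return None  # malformed token
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(given, expected):
        return None  # forged or altered, e.g. an extended expiry
    return subject if now < expires_at else None

def demo():
    key = b"constructed-demo-key"    # constructed sample key
    issuer, t0 = Issuer(key), 1_000  # constructed clock value, in seconds
    token = issuer.validate("alice", now=t0, ttl=300)
    seen = [verify(token, key, t0 + 10)]       # fresh token accepted
    issuer.untrust("alice")                    # trust withdrawn at the issuer
    seen.append(verify(token, key, t0 + 299))  # old token still inside its lifetime
    seen.append(verify(token, key, t0 + 300))  # lifetime over: rejected
    seen.append(issuer.validate("alice", now=t0 + 300, ttl=300))  # revalidation fails
    return seen

if __name__ == "__main__":
    print(demo())
```

The relying party never consults a revocation list; the issuer's chosen lifetime bounds how long a token outlives a withdrawal of trust.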
