669
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 17 Oct 2024
669 points (100.0% liked)
[Dormant] moved to !historyphotos@piefed.social
7330 readers
1 users here now
COMM MOVED TO !historyphotos@piefed.social
founded 2 years ago
MODERATORS
When used completely and properly. Which rarely, if ever, happens because it requires end-users to know how to use keys and keep them offline somehow.
This system hasn't lasted ~90 years because they just throw someone in a chair and let them figure it out on the job.
Any reliable system, electro-mechanical or digital, needs thorough user training and checks.
The worry with this one is it's a single authoritative record with no easy way to backup or replicate it. They say there are non-authoritative (at least legally) digital versions of most(?) of the records. I hope/assume they're actually more consistent with that than the video makes it seem because those are the only feasible off-site backups they really have. If not one fire is all it would take to wipe out an entire countries SSA program.
This is a government office. A government should be able to build the technical knowledge required to keep a private signing key secure.
I do agree that individual-to-individual cryptography is more difficult, but how often do you need to check the authenticity of a document from a friend or acquaintance, digital or otherwise?
Well, a bank. A financial transaction. Health records. Not just email to your friends.
Government has the technical knowledge - heck many people here have that - but implementing a standard is a different problem, it’s a political problem. A pit full of vipers, in a sense. We’re unlikely to see standardized crypto signing anytime soon. At least IMO.