Hacker News new | past | comments | ask | show | jobs | submit login

> I long for the day that we [1] all get assigned a public/private keypair instead of SSNs.

What is the remedy for when someone loses or leaks their keypair?




Have the organization responsible of managing the PKI to generate a new subkey from your primary key (kept in cold storage) and publish a certificate revocation for the previous subkey lost/leaked.

Most of our ID cards (health, driving license) already have an expiration date and the subkeys should have one anyway.


No reason you can't have more than one, either. You could even issue keys for people to act on your behalf (e.g. they get access to it on your death as part of your will).


Report in person to an issuing authority for biometric authentication. Have them issue a new one and blacklist the old public key.


Any number of things that are better than what currently happens when a SSN is leaked.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: