There's no way to present identity documents to a third party using remote technology without being forced to trust that a third party is going to handle your information in a privacy-respecting manner.
So I think identity verification should be done only face to face, like notaries public. Go physically see someone who has a verifier certificate, pay them to look at your ID and issue you a token. Institutions like banks and churches can do this. Since it is a mildly profitable activity, it provides incentives for verifiers to protect their private keys and such. Issuing a token that says someone is an adult when they are not should be a felony and/or result in harsh civil penalties.
You can then present this token to anyone who needs to verify whatever aspect of your identity, and existing PKI can be used to verify the token is from a valid and non-revoked verifier.
This can all be done easily on phones with the right apps. Laws can be put into effect to absolve liability if best practices are followed. The possibility of fraud can be managed to be the equivalent to physical ID documents.
Of course, how do you physically verify with someone far from you? Network of verifiers. If I'm a local verifier that physically checks identity documents, then another verifier in the next city/state may want to enter into a mutual agreement to accept each other's verifications. This would likely come with additional impositions specified in contracts, and "wide-area" or "long-distance" verification might cost more.
And that's fine. It makes local communities that need to verify easier to participate in than wider ones.
I don't see why third parties should do this. You already trust governments to keep data on you safe (you're forced to, unfortunately), so they should provide an API to let people prove their age/humanity without sharing any info about themselves with any website/org that needs it.
PKI has all the tools we need.
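As an added example, not code from any commenter in this thread: a Go sketch of the relying-party check the first comment describes, where a token signed by a verifier is accepted only if that verifier is known and not revoked. The token fields, the `Registry` type standing in for the PKI, the verifier ID `bank-1` and the timestamps are all assumptions constructed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
)

type Token struct { // one claim, no identity data; field names are assumptions
	Claim    string `json:"claim"`    // e.g. "age_over_18"
	Verifier string `json:"verifier"` // ID of the issuing verifier
	Expires  int64  `json:"expires"`  // Unix seconds
}

// Registry stands in for the PKI: trusted verifier keys plus a revocation list.
type Registry struct {
	Keys    map[string]ed25519.PublicKey
	Revoked map[string]bool
}

// Issue is what the verifier runs after the face-to-face document check.
func Issue(priv ed25519.PrivateKey, t Token) (payload, sig []byte) {
	payload, _ = json.Marshal(t)
	return payload, ed25519.Sign(priv, payload)
}

// Check is what the relying party runs; it learns only the claim and the verifier ID.
func (r Registry) Check(payload, sig []byte, want string, now int64) error {
	var t Token
	err := json.Unmarshal(payload, &t)
	key, ok := r.Keys[t.Verifier]
	switch {
	case err != nil: return fmt.Errorf("malformed token")
	case !ok: return fmt.Errorf("unknown verifier")
	case r.Revoked[t.Verifier]: return fmt.Errorf("verifier revoked")
	case !ed25519.Verify(key, payload, sig): return fmt.Errorf("bad signature")
	case now >= t.Expires: return fmt.Errorf("token expired")
	case t.Claim != want: return fmt.Errorf("claim mismatch")
	}
	return nil
}

func main() { // constructed demo: same token checked before and after revocation
	pub, priv, _ := ed25519.GenerateKey(nil)
	reg := Registry{Keys: map[string]ed25519.PublicKey{"bank-1": pub}, Revoked: map[string]bool{}}
	p, s := Issue(priv, Token{"age_over_18", "bank-1", 2000000000})
	fmt.Println(reg.Check(p, s, "age_over_18", 1900000000))
	reg.Revoked["bank-1"] = true
	fmt.Println(reg.Check(p, s, "age_over_18", 1900000000))
}
```

Revoking the verifier invalidates every token it issued, which is why the check consults the revocation list on each presentation rather than only at issuance.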