
They should consider something like this:

https://www.cipheredtrust.com/using-irs/

Every citizen can generate cryptographic certs that they can verify their identities with, even anonymously.




The proper way of doing this is to have a trusted* (because the process is open, monitored, and audited) observer (probably run by the government) that consumes messages enciphered to it which contain a signed delegation. It would then (daily, weekly?) release a signed batch of public keys with designated metadata.

Metadata might include simple yes/no statements or very short string tags.

    * Country
    * State/Province
    * County/Locality
    * City
    * Is Locally Contract Age
    * Is Locally Unrestricted Purchases (alcohol/tobacco/etc)
    * Is a Driver
    * Is a Voter (might not be registered or might be serving time for crimes)
    * etc

Ideally someone would have a unique key for each slot, and of course their primary (high security) civic key could be used for cases where proof of identity is required anyway.


No. Including this metadata would make it trivial to de-anonymize.


You've misunderstood the way to publish the data:

"These keys are X" (for each type of metadata flag).

If a given user keeps their metadata keys operationally separate from their full ID, and also updates them at random intervals, then it would be possible to have unique 'cards' (of sorts) for each given type of check.

The locality specific checks imply outer levels, obviously, but different keys might still be desired and it would be best practice for all to keep different keys to make it harder to de-identify by virtue of being one of the paranoid users.
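
Added example, not part of any comment in this thread: a small Python comparison of the two publication styles argued over above, one key per person carrying every tag versus an unlinked key per slot listed as "these keys are X". The population, the `pkNNN` key names and the function names are constructed for illustration; a real batch would carry actual public keys and the observer's signature.

```python
from collections import Counter
from itertools import count

# Constructed population for illustration; values are not real data.
PEOPLE = {
    "p1": {"city": "Bend", "driver": "yes", "voter": "yes"},
    "p2": {"city": "Bend", "driver": "yes", "voter": "no"},
    "p3": {"city": "Bend", "driver": "no", "voter": "yes"},
    "p4": {"city": "Salem", "driver": "no", "voter": "no"},
    "p5": {"city": "Salem", "driver": "yes", "voter": "yes"},
    "p6": {"city": "Salem", "driver": "no", "voter": "yes"},
}


def publish(people, per_slot_keys):
    """Return the batch an observer would release: {public_key: {slot: value}}.

    per_slot_keys=False: one key per person, tagged with every flag.
    per_slot_keys=True:  a separate key per slot, each tagged with one flag.
    Key names are opaque placeholders standing in for real public keys.
    """
    serial = count(1)
    batch = {}
    for tags in people.values():
        if per_slot_keys:
            groups = [{slot: value} for slot, value in tags.items()]
        else:
            groups = [dict(tags)]
        for group in groups:
            batch[f"pk{next(serial):03d}"] = group
    return batch


def anonymity_sets(batch):
    """Map each published key to the number of keys sharing its exact tags."""
    sizes = Counter(frozenset(tags.items()) for tags in batch.values())
    return {key: sizes[frozenset(tags.items())] for key, tags in batch.items()}


def smallest_set(batch):
    """Worst case for any key holder: the smallest anonymity set in the batch."""
    return min(anonymity_sets(batch).values())


if __name__ == "__main__":
    print("one key, all tags :", smallest_set(publish(PEOPLE, False)))
    print("one key per slot  :", smallest_set(publish(PEOPLE, True)))
```

With all tags on one key, every person in this sample is unique in the batch; with per-slot keys the smallest group has two members. Presenting two per-slot keys together links them and brings back the combined-tag case.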


To be clear, in a world where people still haven't solved password security, you're proposing a solution that has people generating multiple functionally composable metadata keys in order to retain anonymity on an otherwise massive public ledger?

The original problem is that it's too easy to make fake comments on a basic website. You're talking about users keeping their metadata keys "operationally separate from their full IDs" and "updating them at random intervals." How did we get here?


Yeah, that's not even the hard part for the average user...

How could (should?) they use these things securely? You need to trust the hardware that's handling the keys too.

I can't escape the need for something like a no-closed-blobs dongle that /only/ does digital wallet stuff (and maybe storing files) which MUST have at least a method for the user to read the text of what they're signing, and if it has that use that to also control the 'presentation mode' of that device to the attached system.


I remain skeptical.


> Every citizen can generate cryptographic certs that they can verify their identities with, even anonymously.

We had one problem. Now we have two problems.


Nobody should ever type the words “every citizen can generate cryptographic certificates” in that order. That’s like saying every citizen can compose jazz; technically true, which engineers love, but basically a lie that evidences how distant the engineering mindset is from an average person. Every citizen would instead reply what is a certificate? You mean the one I got for my marriage? Do I have to go wait in line for it? It involves my computer? Oh, you mean the computer that has spyware on it to lift the private key as soon as it’s created because TPM is still, you know, only deemed worthy of corporate security?

The gap between engineering and regular human beings continues to widen. Passwords remain difficult for people, but don’t let me stop the whiteboarding of a solution to the problem that will undoubtedly involve machine learning, Facebook OAuth, and GKE at some point. Add blockchain and pitch it to USDS before Thiel guts them and you’ve got yourself a hot party!


> Nobody should ever type the words “every citizen can generate cryptographic certificates” in that order.

This is equivalent to "Only some citizens are able to obtain the secret identifier that their government knows them as."

I'm not saying that's wrong or right, but just making an observation.



