Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> This is covered by allowing for single-use credentials.

They said There are proposed mitigations like issuing multiple sets of credentials or rotating them, but we're not going to get an infinite number of keypairs for every website or session in the secure enclave in practice.

> Basically, the wallet requests a batch of single-use eIDs that all use different device key-pairs.

The comments you replied to omitted mass surveillance. But the article and 1st comment included it. The government would know what wallet requested each single use identifier.



> The government would know what wallet requested each single use identifier

Which only means that the government knows how many tokens each citizen consumes on average. They don't know where each identifier was used nor the exact timestamp unless each website communicates this to the government, and such a backchannel does not exist in the spec.


You did not know governments demanded records? Or infiltrated networks?

And governments investigated high electricity users as suspected marijuana growers. Would governments ignore high identifier use?


Can you make an actual argument rather than spouting insinuations? It's rather tiresome to have to construct my own straw man from your drivel.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: