[stickfigure]

OK, I'll concede that PK cryptography can be used to eliminate the online requirement given that you don't need a revocation mechanism. You're still going to need active measures to ensure restaurant compliance. And signing these without a centralized database at the signing authority? Theoretically possible, practically impossible.

Tell me, where is it that these systems are working for half a billion people?

I'm guessing this is somewhere with a vastly different cultural landscape than the US. Depraved or not, I still value what little anonymity I have left.

[jsnell]

This is how the EU (and some associated countries) have it set up. One obviously would like to centralize the signing just so for some basic auditing and to limit the number of public keys that get installed. But that just means a central signing service, it does not need to have persistent storage in said central location. In practice having the generated certs in a central DB is very useful for the users though, since it makes it trivial to install the certs on a new phone etc.