[lifeisstillgood]

I mean this stuff is just catnip for me. Unexpected new uses of technology from one domain to another, just serves to reinforce how seminal bitcoin was/is.

Having looked at it with my very layperson eyes, I struggle to see how it is significantly better than say client side certificates. Same idea - sign a request with local private key, only difference is using the SIN mechanism to let the server know I am to be trusted.

But it's fascinating to see the evolution of these things in real time

[tveita]

Digital signatures were not invented with Bitcoin.

TLS supports client certificates perfectly well, and your browser probably supports them.

This scheme also has a lot of beginner-level oversights, IMO. It doesn't delimit the URI from the body, and it doesn't protect the HTTP method itself nor any potentially important headers. This makes me suspect that no cryptographers laid their eyes on this before the announcement.

[voltagex_]

I really really really want to do a redesign of the client certificates UI for Firefox, but alas I'm not a UI person.

Client certificates certainly work, but most people wouldn't see them in their browser, let alone seek them out.

[doragcoder]

I agree. I don't see where this is significantly better. You can add data to signed certs as well, so you can get the SIN functionality that way if I'm not mistaken.

I also didn't see if this touched the blockchain at all. They made note about the SIN being public (then again, so is a Public Key), so I'm looking for the SIN to be in a blockchain somewhere.

[lifeisstillgood]

I do need to dig into SIN for that same reason - it makes sense - I think a lot of government identity and records schemes would get vastly simpler if I put my public key online and encrypted my own records

I discussed it with a govt architect who wanted to get rid of the "bloody database at centre of every application that thinks it needs to store citizens data"

It's a powerful idea