• Optional@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    28 days ago

    When used completely and properly. Which rarely, if ever, happens because it requires end-users to know how to use keys and keep them offline somehow.

    • turmacar@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      28 days ago

      This system hasn’t lasted ~90 years because they just throw someone in a chair and let them figure it out on the job.

      Any reliable system, electro-mechanical or digital, needs thorough user training and checks.

      The worry with this one is it’s a single authoritative record with no easy way to backup or replicate it. They say there are non-authoritative (at least legally) digital versions of most(?) of the records. I hope/assume they’re actually more consistent with that than the video makes it seem because those are the only feasible off-site backups they really have. If not one fire is all it would take to wipe out an entire countries SSA program.

    • cadekat@pawb.social
      link
      fedilink
      English
      arrow-up
      0
      ·
      28 days ago

      This is a government office. A government should be able to build the technical knowledge required to keep a private signing key secure.

      I do agree that individual-to-individual cryptography is more difficult, but how often do you need to check the authenticity of a document from a friend or acquaintance, digital or otherwise?

      • Optional@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        28 days ago

        Well, a bank. A financial transaction. Health records. Not just email to your friends.

        Government has the technical knowledge - heck many people here have that - but implementing a standard is a different problem, it’s a political problem. A pit full of vipers, in a sense. We’re unlikely to see standardized crypto signing anytime soon. At least IMO.