Summary: Client-side certificates were technically sound in the 1990s, but they failed because individuals weren’t willing to pay for identity proofing.
Phil just fired off more details to your email.
I believe the state of Florida is doing something close. Both my wife and I had to bring our passports, SS # physical cards, birth certificates, proof of residency, and an out-of-state driver's license before we could get a FL State-issued one without having to go through the whole process of applying. It even includes political affiliation.
Is it digital? If so, do you know what tech it uses?
Before SEDI, we have notary publics. Notaries, acting as mediators in a contract, review your driver's license and counter-sign an identity on some classes of documents or contracts.
The major privacy value is provided by the notary's log which can be summoned, at significant cost, in case of dispute. This adds both security and privacy.
Who will play the role of notaries with SEDI? Are we expecting biometrics to be a typical feature of using SEDI-derived DIDs?
I’m glad to see you engaging with this question. I’m a Taiwan-based digital identity researcher and participated in the Taiwan Digital Identity Wallet project.
Utah’s bill strikes me as unusually complex. Regardless of whether an identity system is centralized or decentralized, two requirements tend to be non-negotiable: **privacy** and **independent verification**. The system must support independent verification and validation (IV&V)—so that third parties can conduct rigorous review and testing to determine whether the system’s behavior truly conforms to the governing rules, including whether it exhibits any prohibited behaviors or properties.
That leads to a core dilemma: **should credentials be issued by the government or by private actors if we want both privacy and independent verification?** In an SSI-style framework, issuing and maintaining credentials often looks like a net cost center. No matter whether that cost is absorbed by the state or by major corporations, it can create structural dependency—leaving ordinary people with limited meaningful choice.
There is also an institutional design risk. If the government both sets the rules and maintains the system that must comply with them, it becomes difficult to ensure impartial enforcement and credible compliance. On the other hand, if issuance is left to the market, there’s a real risk of de facto dominance by large firms—so that even a well-written regulatory framework loses practical force.
I’m not sure which direction is better in practice, and I would value your judgment on what way is most viable.
The economic inversion here is brilliant. Client-side certs failed not because of tech but because nobody could justify the cost-benefit at an individual level. The state already amortizes identity proofing across its driver's license infrastructure anyway. Reminds me of how SSL/TLS only took off once browsers started warning users about unencrypted sites, basically shifting the adoption incentive from individuals to site operators. Curious if SEDI will face interop challenges across state lines though.
Interop is tricky, as I'm sure you know. It depends on lots of things like incentives that are more social than technical. The technical aspects of interop are relatively easy to work out. But will anyone want to go to the effort? I think at first, there are plenty of in-state use cases to make SEDI appealing to people. Hopefully, its success will inspire other states to do something similar. That will incentivize interop discussions. And the cycle will repeat.
IDK but will try and find out. When we first got down here, there was a whole effort to modernize and automate Florida identification systems.