alt Hacker NewsAnd? Presentation of someone else's valid credentials is not fixable by any privacy-preserving mechanism. You can set an expiration date in order to rotate them, and they can be fast-rotating.
In any case, it's a moot point: the correct amount of required identification is zero.
> Presentation of someone else's valid credentials is not fixable by any privacy-preserving mechanism.
And that is precisely why governments will never implement a privacy-preserving mechanism, which is exactly my point.
Compromised tokens would be trivially google-able within a day otherwise.