Using digital signatures for strong government documents signing/encryption

My idea its creation for government trusted CA for decenteralized trust to human public keys, like you pay money to some CA and transfer locally generated on your pc by open source software certificate request, and get signed cert for CA, CA sends your certificate to public registry of certificate transparency, this certificates registry provides to all humans information about created trusted ceritficates issuers and private key owners
Like if some government organization need send document for you, this organization sign this document using trusted key and encrypt this document for you, and sends over public networks

This idea better for centralized registy or website for documents exchange, like if some hacker hacks this website its be very VERY destruct for country security

1 Like

So your idea is to create more centralized, trusted third-party entities so hackers can perform more data breaches, expose users’ PII, and issue forged certificates from a compromised and privileged position, similar to X.509. If this is a multi-node CTF concept, then you may have something special in the works for advancing red-teamers’ capabilities. This model is already basically replicated by OpenPGP keyservers and users signing each others keys as Web of Trust, except you want this implemented by the government, not the broader community.

Well it depends on your threat model.

2 Likes

Open standards are the important part.

1 Like