The recent nodes on OpenID at Re^2: PerlMonks OpenID provider? and Breaking Out of the Perl Echo Chamber: A Call to Action have convinced me that OpenID sucks... but what would be a good solution to this problem?

My musing is just to use the ssh public/private key system.

What is hard about giving a public key out as your password, and having the web site verify it's you, by your private key.

I havn't investigated(googled ) it thoroughly, but couldn't your public key be placed in a htaccess file, and you could automatically logged in like is done with keys authentication in ssh? I suppose this would require the browser makers to include ssh as a helper app, or even builtin directly.

Another possibility is a challenge/response system(like Captcha) in which the server sends you a random password encoded with your public key, which you decode, and return to verify your identity.

In any event, it seems that if the idea is to ensure your identity online, a key system, where you have your private key, probably on a usb stick, is eventually going to be the ultimate solution, so why waste time on anything else?

Ideally, the government should setup a key server, and give everyone a public/private key. This would be a big leap forward in internet identification. Sure there would be details to work out, like do you generate the key pair, or does the government? Or could you have multiple key pairs for different sites.

Anyways, I'm not seeking approval/criticism of the above idea; but would like to here what you consider to be the best strategy for online ID's. This will probably become more important as attempts are made to make safe online voting systems. The current voting system disenfranchises the poor for various reasons.... but I'm straying off topic.

Sure there are fingerprint scanners, iris scanners, etc., but usb sticks and key pairs are probably cheaper and easier to mass distribute.

I'm not really a human, but I play one on earth Remember How Lucky You Are

In reply to OpenID alternatives, what do you suggest by zentara

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.