This is the problem with having the public and private key be the same. Anyone should be able to access your public key, and anyone you deal with should be able to ask you to use your private key to verify your identity. The problem is when that entire process is reduced to "give us the number the government uses to ensure you're you. Don't worry, we won't use it to convince anyone else we're you ;) Or leak it so anyone else can do the same ;) ;) ;)"
> Anyone should be able to access your public key, and anyone you deal with should be able to ask you to use your private key to verify your identity.
First, let's assume the identity would be backed by a somewhat decentralized system; e.g. the identity could be backed by any state/territory's existing ID cards.
The problem is making the request signing step secure and accessible to... well, anyone, tech-savvy folks included. Software for installation to a computer is an obvious no-go. A mobile app is probably a good idea but in any case I think we can assume a website will be a necessity. You've got to be able to give that website your private key. Guess what, you've already lost - as soon as you tell people to type their key into this website, people will type their private key into any old website now. (I remember when my mom, with the best of intentions but without my prior knowledge, filled out my FAFSA info, SSN and all, on a scam .com site despite how many times we were told "fafsa.gov" or whatever.)
But let's pretend that's a solvable problem, just for the sake of argument. Let's assume it's a federal government provided site which you can provide with your private key on demand to do signing on your behalf and it's relatively secure actually keeping the key in your browser. And there's a mobile app option which can store the key locally with better security and do signing in memory which can actually be wiped after. Fine. Now convince the public that this site/app does not constitute a Federal database of identities. You and I know it wouldn't, as described, but I would not blame anyone who objected on those grounds one bit, because without the necessary knowledge it absolutely would seem like a Federal ID, and folks are right to be wary of a single source of identity information. After all, all that does is take the SSN problem and add to it civil liberties problems. The distinction between SSNs and a [somewhat] decentralized PKI scheme with a centralized signing app for security/anti-phishing reasons is a distinction essentially impossible to convey to any but the most tech-savvy.
How much would it cost to give everyone a device from which the private key could not be removed?
Worried about "mark of the beast" based objections? Make it optional. Those who wish can retire their SSN and receive their public / private keys and then the government publishes their SSN as a trashed SSN. Everyone who still wants just an SSN can take their chances.
SSN already is optional. Nobody forced your parents to register you, but your parents wanted to claim you on the IRS tax form each year so they sold you out.
USA passport for my children didn't require SSN. And a passport complies with TSA ID checks.