Bitcoin Forum

Bitcoin => Project Development => Topic started by: allten on July 02, 2012, 08:14:22 PM



Title: Bitcoin's Decentralized PKI (Public Key Infrastructure)
Post by: allten on July 02, 2012, 08:14:22 PM
Update: 8/09/2012

Looking into the more technical aspect of how to store data on the block chain; so far, I've found these two methods:

1) Uses multiple outputs to send a message (store data). Each output address is data; therefore, the coins are destroyed.
https://en.bitcoin.it/wiki/Block_chain_message_service

2) Transaction with a message inside the script
https://en.bitcoin.it/wiki/Script#Transaction_with_a_message

Mike Hearn makes some good points about the first method that I believe also apply to the second.
https://bitcointalk.org/index.php?topic=47283.msg607667#msg607667

Also, if I understand correctly, there are other ways to embed messages (data) into the transaction that are less likely to be (pruned) and deleted, but I'm still leaning towards #1.
Here's my reasoning:

* It requires more bitcoin to add data into the block chain when using the addresses in the outputs. Because of all the costs, it should satisfy any naysayer because the creator of the transaction "paid for it". Even if someone doesn't agree with the blockchain being utilized this way; well, who cares, those users burning their coins are making the rest of us more wealthy.

* When the question is asked "What uses does bitcoin have beyond just financial transactions?", you will now have an additional reason to give: pay miners to add data in the most distributed, secure, and accessible database in the world.

* Also, it would still be friendly to those that only want to manage a pruned/trimmed blockchain. As Michael Hearn pointed out, transaction outputs that will clearly never be spent can be deleted with no worry of anyone spending them.

I've also been thinking about adding in the technical document that all the coins used on undependable outputs for "Bitcoin's Distributed PKI" will be available for miner rewards once all the block rewards are finished. A new type of generation transaction could be created that would allow miners to collect those coins based on certain rules. This would give incentive to maintain all the unspendable outputs used in the PKI in the block chain database.

Update: 7/24/2012
 
Still playing around with the title. Now, the name is just right IMO in describing where I hope this thread and project will go. I had debated about using the word "decentralized" since the name Bitcoin already implies this; however, the implementation of this PKI compared to the majority out there is decentralized in so many ways that I decided it had to be there.

Here's some good material of the technology already out there.
http://highsecu.free.fr/db/outils_de_securite/cryptographie/pki/publickey.pdf
http://en.wikipedia.org/wiki/Public_key_infrastructure
http://en.wikipedia.org/wiki/Digital_signature

Update: 7/19/2012

Updated the Title
Old Title: Decentralized Identity Management using the Block Chain

Thanks to all for the responses and resources. When I originally had this idea, I had no experience or knowledge of what already existed on the net.
Wasn't even sure what to call it. The Web of Trust was by far the closest to what I had envisioned.
(see http://privwiki.dreamhosters.com/wiki/Distributed_Web_of_Trust_Proposal_2)

My idea isn't new at all and there are many similar applications and projects online.

I came across an article today that was a gold mine of information and the first part lays the foundation to web of trust, decentralized ID system, and others.

Beyond “web of trust”: Enabling P2P E-commerce
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.15.82&rep=rep1&type=pdf

I'm considering starting a github repository where the technical aspects of this PKI using the blockchain can start to be formed.

If this is conflicting with anyone's efforts, please let me know. Also, PM me if you would like to be part of the project.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I know the idea has been tossed around a lot, but has anyone taken it seriously?
Is there any project out there?
I've been toying with the idea to start something along this line, but do not want to re-invent the wheel if there's already progress.

Just like money, Identification is too important to leave to a central entity.
What are the possibilities with Decentralized ID?
       Digital notary.
       Open ID login pulled from the block chain
       The ground works for a new voting system.

What are your thoughts? Anyone working on a protocol write-up?

Update:
   Here's a link with some great information. It describes the problem and the limitations of the solution currently at hand.
Could bitcoin overcome these limitations?
http://dig.csail.mit.edu/2007/06/ieee-ic-decentralized-identity-weitzner.html

Update 2:
   Very relevant link provided by Stephen Gornick below:
http://privwiki.dreamhosters.com/wiki/Distributed_Web_of_Trust_Proposal_2

Update 3:
Another great find:
http://www.fastcompany.com/blog/kaliya-hamlin/identity-matters/why-identity-matters-0
So, the goal, as I see it, is to create a competing ID system that serves more than the agenda of government and large corporations.
Also, it would limit the mischief that could be done having power and monopoly over ID systems.

Update 4:
     Mt.Gox Trusted Vendor Program
https://bitcointalk.org/index.php?topic=92334.0
Now, if they used the block chain and allowed others to be a trusted vendor or person.

Update 5:
      A big thanks to bitcoin.me for referencing me to http://bitcoin-otc.com/
It's a great working example of what could be done. The main difference between what they started and this proposal is they manage the information instead of it being decentralized and located on the block chain. Check out the full graph: http://corrupt.jails.se/~magnetron/
And you can also look at the graph between two users: http://serajewelks.bitcoin-otc.com/trustgraph.php
Here's an example: http://serajewelks.bitcoin-otc.com/trustgraph.php?source=Cusipzzz&dest=noitev
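
The following sketch is an added example, not part of the original post. It illustrates method 1 from the 8/09/2012 update (data carried in output addresses): a message is framed, cut into 20-byte pieces and each piece is Base58Check-encoded as if it were the hash of a public key. The 2-byte length prefix, the function names and the sample record are assumptions made for the illustration.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
CHUNK = 20  # size of the public-key-hash field in a pay-to-address output

def _checksum(payload: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]

def b58check_encode(version: int, body: bytes) -> str:
    raw = bytes([version]) + body
    raw += _checksum(raw)
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    pad = len(raw) - len(raw.lstrip(b"\x00"))  # leading zero bytes become '1'
    return "1" * pad + out

def b58check_decode(addr: str):
    n = 0
    for ch in addr:
        n = n * 58 + B58.index(ch)  # ValueError on a non-Base58 character
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) != 1 + CHUNK + 4 or _checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("bad length or checksum")
    return raw[0], raw[1:-4]

def message_to_addresses(msg: bytes) -> list:
    """Frame msg (assumed 2-byte length prefix) and emit one address per 20 bytes.

    Each result is a well-formed address; nothing in it marks it as data.
    The 20 bytes are not the hash of any known public key, so coins sent
    there cannot be spent, which is the cost the post refers to.
    """
    if len(msg) > 0xFFFF:
        raise ValueError("message too long for 2-byte length prefix")
    framed = len(msg).to_bytes(2, "big") + msg
    framed += b"\x00" * (-len(framed) % CHUNK)  # zero-pad the last chunk
    return [b58check_encode(0x00, framed[i:i + CHUNK])
            for i in range(0, len(framed), CHUNK)]

def addresses_to_message(addrs) -> bytes:
    """Reverse of message_to_addresses; outputs must be read in order."""
    data = b""
    for addr in addrs:
        version, body = b58check_decode(addr)
        if version != 0x00:
            raise ValueError("not a version-0 address")
        data += body
    n = int.from_bytes(data[:2], "big")
    if n > len(data) - 2:
        raise ValueError("length prefix exceeds payload")
    return data[2:2 + n]

# Constructed sample record, not taken from any real transaction.
SAMPLE = b"id:example-user pgp-fpr:CONSTRUCTED-SAMPLE-0001"

if __name__ == "__main__":
    outputs = message_to_addresses(SAMPLE)
    for a in outputs:
        print(a)
    print(len(outputs), "outputs needed;", addresses_to_message(outputs))
```
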


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Xenland on July 02, 2012, 08:42:24 PM
I'm actually working with another member on getting a blockchain openid system going that also is a 4chan board for every address and you have to claim your address by bitcoin message signing to manage your board.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: allten on July 02, 2012, 08:50:14 PM
I'm actually working with another member on getting a blockchain openid system going that also is a 4chan board for every address and you have to claim your address by bitcoin message signing to manage your board.

That's great news! How's the progress going? Any links?
I would like to be a part of it if that's ok.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Xenland on July 02, 2012, 09:17:07 PM
I'm actually working with another member on getting a blockchain openid system going that also is a 4chan board for every address and you have to claim your address by bitcoin message signing to manage your board.

That's great news! How's the progress going? Any links?
I would like to be a part of it if that's ok.
Sure, I'll PM you shortly; out of respect I need to ask the members' permission that came up with the original idea first.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Stephen Gornick on July 02, 2012, 11:00:56 PM
If you aren't aware of this, it may be related to some degree:

 - http://privwiki.dreamhosters.com/wiki/Distributed_Web_of_Trust_Proposal_2


Title: Re: Decentralized Identity Management using the Block Chain
Post by: allten on July 03, 2012, 02:12:24 AM
If you aren't aware of this, it may be related to some degree:

 - http://privwiki.dreamhosters.com/wiki/Distributed_Web_of_Trust_Proposal_2

That's very relevant. Thanks!

The Introduction sums up the foundation of the decentralized ID technology very nicely.

"Introduction

The core components of any trust system are (a) data storage for nodes and links between them and (b) interpretation of the data into useful trust metrics. Once a publicly accessible distributed storage framework is developed and populated, there can be any number of competing trust metrics building upon it. Thus, the development of an open framework for distributed store of trust links will serve to create an ecosystem of trust services around it.

Ideally, the node identifiers used in the trust network would be easily exportable and usable in any arbitrary alternative location, so that a person can prove he owns a particular identity in many different contexts. Further, the trust links should be cryptographically signed, so that the validity thereof can be independently verified by any third party.

The present proposal suggests a robust, flexible, and distributed framework for a web of trust, using PGP keys as node identifiers and for cryptographic signatures. "

Ideas like this can finally be realized with Bitcoin block chain technology!!!!



Title: Re: Decentralized Identity Management using the Block Chain
Post by: Bitcoin Oz on July 03, 2012, 02:31:52 AM
All the tools to do this already exist in bitcoin; it's just that no one thought of putting the pieces together in this way.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: hazek on July 09, 2012, 07:32:42 PM
Actually I don't understand why you'd want a decentralized ID system, what's the point? Why allow just anyone to have an ID? Why not limit it to only those who are going to follow certain rules, on a voluntary basis of course.. this way the ID doesn't only identify a person but it also portrays a degree of trustworthiness of that person. And if the business offering this service ever misbehaves customers can simply take their business elsewhere.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: austonst on July 09, 2012, 09:13:26 PM
Couldn't this be done with Namecoin? Namecoin is decentralized, cryptographically secure, and can be easily extended to have an ID or voting system.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: allten on July 09, 2012, 10:34:15 PM
Actually I don't understand why you'd want a decentralized ID system, what's the point? Why allow just anyone to have an ID? Why not limit it to only those who are going to follow certain rules, on a voluntary basis of course.. this way the ID doesn't only identify a person but it also portrays a degree of trustworthiness of that person. And if the business offering this service ever misbehaves customers can simply take their business elsewhere.

ID is very useful. "Why allow just anyone to have an ID? Why not limit it to only those who are going to follow certain rules" - This would contradict the whole idea of a decentralized ID system. Anyone can create an ID, the question is what does it take for your ID to matter? The whole idea is to put the power of an ID in the hands of its creator.

What can be done to give an ID value?
      A trustworthy source(i.e. another ID of a person or business) vouching for your ID.
      Using your ID to link to others you know have accurate IDs and them to you.
      Use your ID to rate the "trustworthiness" of other IDs you know and them to you.
      Put your reputation in the hands of another ID before doing business and start adding value to your ID with each success.
      I'm sure there's more.

It boils down to using non-standard transactions to create nodes and vectors in a graph.
Here's a visual of the idea. (Pulled from http://blog.cloudlychen.net/the-social-network-of-economists/)
http://farm4.static.flickr.com/3406/4595648954_a728c42724.jpg

Here are the problems I feel need to be solved before Bitcoin is ready for this technology to develop on top of it:
  1) Some developers have mixed feelings about non-standard transactions because it puts "garbage" in the block chain.
  2) The TX fee methodology is based on donations and any tweaking of this is still somewhat centralized.






Title: Re: Decentralized Identity Management using the Block Chain
Post by: hazek on July 09, 2012, 10:44:13 PM
Anyone can create an ID, the question is what does it take for your ID to matter? The whole idea is to put the power of an ID in the hands of its creator.

No, I disagree. The whole idea is to put the power in the hands of those who want to know who they're dealing with. Right now anyone can have an unlimited amount of digital IDs and there are zero repercussions for bad behavior, you burn one ID and you create a new one. The idea is to stop that, meaning that once you burn your unique ID, that's it you're done, not able to scam anyone ever again.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: allten on July 09, 2012, 11:14:58 PM
Anyone can create an ID, the question is what does it take for your ID to matter? The whole idea is to put the power of an ID in the hands of its creator.

No, I disagree. The whole idea is to put the power in the hands of those who want to know who they're dealing with. Right now anyone can have an unlimited amount of digital IDs and there are zero repercussions for bad behavior, you burn one ID and you create a new one. The idea is to stop that, meaning that once you burn your unique ID, that's it you're done, not able to scam anyone ever again.

edit: complete re-write of my post

I feel like my post just got "cherry picked" - oh well. Too many posts here are contentious; so, let's find some common ground.
First, the basis of the proposal is that the amount of work that is required to establish one's ID is worth far more than what would be achieved in a scam.
However, let's say that still doesn't give you the comfort you want? That's where 3rd party ID businesses could come into play. It could vouch for people's IDs. As long as the 3rd party you trust has validated an ID to be legitimate to a known person and that person is trustworthy then you could decide if you have the comfort/confidence to do business or whatever. Again, this would all be done using non-standard bitcoin transactions to create nodes and vectors in a graph that could be analyzed with software.



Title: Re: Decentralized Identity Management using the Block Chain
Post by: Bitcoin Oz on July 10, 2012, 02:56:22 AM
Actually I don't understand why you'd want a decentralized ID system, what's the point? Why allow just anyone to have an ID? Why not limit it to only those who are going to follow certain rules, on a voluntary basis of course.. this way the ID doesn't only identify a person but it also portrays a degree of trustworthiness of that person. And if the business offering this service ever misbehaves customers can simply take their business elsewhere.


Bitcoin-otc is pretty effective so we can get lots of sites like that who interconnect and share trust metrics. Like how you can upload your gpg key to many different keyservers.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: allten on July 10, 2012, 03:27:24 AM
Actually I don't understand why you'd want a decentralized ID system, what's the point? Why allow just anyone to have an ID? Why not limit it to only those who are going to follow certain rules, on a voluntary basis of course.. this way the ID doesn't only identify a person but it also portrays a degree of trustworthiness of that person. And if the business offering this service ever misbehaves customers can simply take their business elsewhere.


Bitcoin-otc is pretty effective so we can get lots of sites like that who interconnect and share trust metrics. Like how you can upload your gpg key to many different keyservers.


Man! I feel like I'm late to the game in everything. Thanks for the reference. I will add it in the OP.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Stephen Gornick on July 10, 2012, 03:32:31 PM
Also, identity management is part of PeerPoint:

PeerPoint
An Open P2P Requirements Definition and Design Specification Proposal
 - https://docs.google.com/a/digicoast.com/document/pub?id=1TkAUpUxdfKGr_5Qio2SlZcnBu_sgnZWdoVTZuD_Regs

Identity Management and Complementary Currency (specifically referencing Bitcoin) are both "first tier" services and applications of PeerPoint.

On Google Groups:
 - https://groups.google.com/forum/#!topic/building-a-distributed-decentralized-internet/CQBhaEcqGUc/


Title: Re: Decentralized Identity Management using the Block Chain
Post by: EhVedadoOAnonimato on July 10, 2012, 04:03:35 PM
  1) Some developers have mixed feelings about non-standard transactions because it puts "garbage" in the block chain.

Oh but you should definitely not add this to the bitcoin chain. You should create an alternative chain, with merged mining if you will.


The idea of a decentralized ID system is interesting. OpenID itself is interesting. But I have a question.

The main technological advance Satoshi provided, IMHO, is the means to order events in time in a decentralized database, without having to trust anyone to say "this is the correct order".
Why is such a feature important for a decentralized ID system? I mean, why do you need to order events in time? Isn't just a decentralized database enough?


Title: Re: Decentralized Identity Management using the Block Chain
Post by: EhVedadoOAnonimato on July 10, 2012, 04:19:27 PM
No, I disagree. The whole idea is to put the power in the hands of those who want to know who they're dealing with. Right now anyone can have an unlimited amount of digital IDs and there are zero repercussions for bad behavior, you burn one ID and you create a new one. The idea is to stop that, meaning that once you burn your unique ID, that's it you're done, not able to scam anyone ever again.

The system may allow the addition of arbitrary data to an ID. Ideally, this data would be encrypted and only the owner would have the ability to provide unencrypted copies of it to somebody requesting them.
You could add, for example, your fingerprint or a picture of you, data that could be checked against your meatspace self.
Parties scammed by you could (with proper contracts foreseeing it) share such personal data with others, in anti-scam effort.
To create a new ID you'd have to do it like Tom Cruise in Minority Report and change pieces of your body.... not so simple! :)


Now, I wonder what would motivate big players to ever use such system, since they can already use government provided IDs when they need, for free. For instance, in Brazil companies use your CPF (national taxvictim number) to "taint" you in case of debt default. There are big shared databases. Once your CPF gets in there, it becomes nearly impossible to contract more debt. The system works fairly well right now. Why would they ever want to switch to a new system?
Perhaps the international reach of such system would be a strong incentive. You have to be a Brazilian resident to have a CPF, what wouldn't be the case of the proposed system of course.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: EhVedadoOAnonimato on July 10, 2012, 04:31:48 PM
The idea of a decentralized ID system is interesting. OpenID itself is interesting. But I have a question.

The main technological advance Satoshi provided, IMHO, is the means to order events in time in a decentralized database, without having to trust anyone to say "this is the correct order".
Why is such a feature important for a decentralized ID system? I mean, why do you need to order events in time? Isn't just a decentralized database enough?

Actually, expanding a little bit on this question: what are the advantages of a fully decentralized ID database over a federated model like OpenID?
I guess one could answer "not having to trust an ID provider to store my data, nor having to rely on its uptime etc". But then, couldn't such problems be avoided by (1) having an OpenID provider which only stores encrypted data about yourself and (2) having the possibility of mirroring it for free?
EDIT: Derp, rereading OP I realize that the wish here is precisely to implement a decentralized OpenID provider. I guess the main motivation is not trusting your data to a centralized ID provider.
The question of "why a blockchain?" remains open though.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: allten on July 10, 2012, 07:40:01 PM
  1) Some developers have mixed feelings about non-standard transactions because it puts "garbage" in the block chain.

Oh but you should definitely not add this to the bitcoin chain. You should create an alternative chain, with merged mining if you will.


The idea of a decentralized ID system is interesting. OpenID itself is interesting. But I have a question.

The main technological advance Satoshi provided, IMHO, is the means to order events in time in a decentralized database, without having to trust anyone to say "this is the correct order".
Why is such a feature important for a decentralized ID system? I mean, why do you need to order events in time? Isn't just a decentralized database enough?

I understand your sentiment about bloating the bitcoin chain with non-financial data, but if the person creating the transaction was willing to pay for it (via tx fee) then why not?
Bitcoin is the first ever decentralized secure database that has potentially huge applications beyond just financial transaction (Decentralized ID being one of them).
If the core developers and community can expand the bitcoin technology to determine fair TX fee for non-standard transaction and size then it would benefit everyone.
If the proper fee can be managed in a decentralized way then we've really improved bitcoin; however, without this advancement essentially free non-standard transactions that are relatively big will not be favored at all. I have hopes that something will work out.
Remember: every additional use bitcoin has besides financials will ultimately add value to the entire system.

The time stamp would be useful for an ID system as it could describe how someone's ID evolved over time; however, the real appeal for using the blockchain is that it is a database that cannot be altered or controlled by anyone.

 





Title: Re: Decentralized Identity Management using the Block Chain
Post by: allten on July 10, 2012, 07:43:27 PM
Also, identity management is part of PeerPoint:

PeerPoint
An Open P2P Requirements Definition and Design Specification Proposal
 - https://docs.google.com/a/digicoast.com/document/pub?id=1TkAUpUxdfKGr_5Qio2SlZcnBu_sgnZWdoVTZuD_Regs

Identity Management and Complementary Currency (specifically referencing Bitcoin) are both "first tier" services and applications of PeerPoint.

On Google Groups:
 - https://groups.google.com/forum/#!topic/building-a-distributed-decentralized-internet/CQBhaEcqGUc/


Wow! Again, very great resource. I'm reading it right now. Thanks


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Elwar on July 10, 2012, 10:56:23 PM
How do you limit a single ID to a single person?


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Bitcoin Oz on July 10, 2012, 11:11:13 PM
It might work if you could give the government a gpg key and they encrypted it in your driver's license. Then you could actually prove you owned it by signing a message with the private key that belongs to the public key on it. I think a decentralized bitcoin database could enhance such things if done correctly.

This system would largely prevent false ID problems because it's relatively easy to steal identities. It's not so easy to steal someone's private keys as well. This would also work for voting to prove you are an actual person and not a fake or dead voter since politicians don't have the private keys to the dead person's identity.



Title: Re: Decentralized Identity Management using the Block Chain
Post by: EhVedadoOAnonimato on July 11, 2012, 07:34:22 AM
How do you limit a single ID to a single person?

See my reply to hazek above.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: EhVedadoOAnonimato on July 11, 2012, 07:55:53 AM
I understand your sentiment about bloating the bitcoin chain with non-financial data, but if the person creating the transaction was willing to pay for it (via tx fee) then why not?
Bitcoin is the first ever decentralized secure database that has potentially huge applications beyond just financial transaction (Decentralized ID being one of them).
If the core developers and community can expand the bitcoin technology to determine fair TX fee for non-standard transaction and size then it would benefit everyone.
If the proper fee can be managed in a decentralized way then we've really improved bitcoin; however, without this advancement essentially free non-standard transactions that are relatively big will not be favored at all. I have hopes that something will work out.
Remember: every additional use bitcoin has besides financials will ultimately add value to the entire system.

It's not a matter of "sentiment", but a matter of using the appropriate tool for the appropriate task. Also properly separating concepts makes understanding and evolving them easier.

There's absolutely no need to go through ugly hacks to insert this data inside the blockchain if you can create an alternative chain with merged mining. It would be worse for developers of your system, since they would have to find a way to fit their data into bitcoin instead of defining their own database as they please. It would be worse for miners that just want to mine one of the chains, since they would have to store both databases. Anyway, summarizing, these are different purpose databases, there's no need to fuse them. Just do it like namecoin people did it.
Plus I'm still not convinced you really need a blockchain....

The time stamp would be useful for an ID system as it could describe how someone's ID evolved over time; however, the real appeal for using the blockchain is that it is a database that cannot be altered or controlled by anyone.

Why is it important to know which modification happened first, and why is it so important that you are able to know this without trusting anyone? As long as you can gather all data that there is about an ID, I suppose you're fine. Maybe I'm failing to see something, but I don't understand why a blockchain would be preferable over a distributed database which can't order things in time without trust.

Perhaps one of your motivations to use a blockchain is that the monetary incentives in mining helps guaranteeing that multiple copies of the database will exist. Plus it also adds an incentive against bloating it with unnecessary data, since it costs money to add data to the chain. I'm not sure how other distributed databases provide such incentives (anyone knows?). But if it's just for that, I guess you can come up with some sort of monetary incentive for those who "seed it", and some sort of monetary costs for those who add data to it, all that without using mining itself, which is very expensive. Blockchains come at a cost, and carry their own vulnerabilities.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 09:02:01 AM
How do you limit a single ID to a single person?

One idea that came to my mind was the following:

SHA2( fingerprint information ) == private key 1
SHA2( some pass phrase or personal info ) == private key 2

1) Import the private keys into your wallet then send perhaps a specific BTC amount to both addresses (the sending could be done from anywhere to hide IP). The purpose of this is to be able to find the public key of all registered voters (and to be able to prove you have registered to vote). Also to ensure that no other public key #2 can be used with public key #1 (i.e. identity theft).

2) To prove identity a fingerprint scan would be performed and then public key #2 would be determined from the registration txs in the block chain (of course you need to trust that the device checking the fingerprint only actually outputs the public key and does not keep the raw data and that you were not photographed using the device, etc.).

3) A voting token (say BTC0.001) is sent in a tx that will require two sigs (for the 2 keys).

4) Some time later (and most likely at a different physical location) you can "spend" your vote.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Bitcoin Oz on July 11, 2012, 09:12:35 AM
How do you limit a single ID to a single person?

One idea that came to my mind was the following:

SHA2( fingerprint information ) == private key 1
SHA2( some password or personal info ) == private key 2

1) Import the private keys into your wallet then send perhaps a specific BTC amount to public key #1 (the sending could be done from anywhere to hide IP). The purpose of this is to be able to find the public key of all registered voters (and to be able to prove you have registered to vote).

2) To prove identity a fingerprint scan would be performed and public key #2 would need to also be provided (of course you need to trust that the device checking the fingerprint only actually outputs the public key and does not keep the fingerprint raw data and that you were not photographed using the device, etc.).

3) A voting token (say BTC0.001) is sent in a tx that will require two sigs (for the 2 keys).

4) Some time later (and most likely at a different physical location) you can "spend" your vote.


Biometric identity is an interesting way to do it. Hashing your fingerprint into a blockchain I never thought of.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 10:20:20 AM
Biometric identity is an interesting way to do it. Hashing your fingerprint into a blockchain I never thought of.

One weakness I can now see in my idea (which admittedly just came off the top of my head) is that if someone did manage to get your fingerprint then they would be able to work out who you had voted for (as the public key would be easily traced).

It may be possible, however, to circumvent this problem by using the sort of combining private key stuff that etotheipi has described before for safely being able to generate vanity addresses for other people (this needs some more thought).


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Xenland on July 11, 2012, 10:43:16 AM
Biometric identity is an interesting way to do it. Hashing your fingerprint into a blockchain I never thought of.

One weakness I can now see in my idea (which admittedly just came off the top of my head) is that if someone did manage to get your fingerprint then they would be able to work out who you had voted for (as the public key would be easily traced).

It may be possible, however, to circumvent this problem by using the sort of combining private key stuff that etotheipi has described before for safely being able to generate vanity addresses for other people (this needs some more thought).


Definitely want to bring your own fingerprint signing hardware ;)


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 10:51:15 AM
Definitely want to bring your own fingerprint signing hardware ;)

Yup - complicated private key issues aside the hardware would be a much more difficult trust issue for such a system (but necessary in the approach I was outlining to ensure that no-one can cheat).


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Bitcoin Oz on July 11, 2012, 10:56:24 AM
Biometric identity is an interesting way to do it. Hashing your fingerprint into a blockchain I never thought of.

One weakness I can now see in my idea (which admittedly just came off the top of my head) is that if someone did manage to get your fingerprint then they would be able to work out who you had voted for (as the public key would be easily traced).

It may be possible, however, to circumvent this problem by using the sort of combining private key stuff that etotheipi has described before for safely being able to generate vanity addresses for other people (this needs some more thought).


Definitely want to bring your own fingerprint signing hardware ;)

Don't let anyone cut your fingers off either :D


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Luceo on July 11, 2012, 10:59:15 AM
This would be a legitimate use of the namecoin blockchain.

You could add a function to allow somebody to sign another person's ID, and add a VALUE for gpg key...


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 11:02:17 AM
Don't let anyone cut your fingers off either :D

Yeah - the idea of having 2 keys (or a 2 part private key) would be to stop any usage of the fingerprint key without also having the other private key.

Although I guess if you were about to get your fingers cut off you might end up divulging your other key. ;D


Title: Re: Decentralized Identity Management using the Block Chain
Post by: EhVedadoOAnonimato on July 11, 2012, 11:54:13 AM
Biometric identity is an interesting way to do it. Hashing your fingerprint into a blockchain I never thought of.

One weakness I can now see in my idea (which admittedly just came off the top of my head) is that if someone did manage to get your fingerprint then they would be able to work out who you had voted for (as the public key would be easily traced).

Are you sure? AFAIK fingerprint scans do not always produce the same string of bytes. Each scan produces a particular "image", and there are algorithms that allow you to compare two different images and tell with a high certainty whether they were produced by the same finger. I guess all biometric scans (retina, DNA etc) work like that actually.

So, if all that's public is a hash of the fingerprint, unless you're really lucky to get the same string that was used to generate such hash, I don't think you'll be able to locate it.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: EhVedadoOAnonimato on July 11, 2012, 11:56:01 AM
This would be a legitimate use of the namecoin blockchain.

Why?


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 11:59:33 AM
Are you sure? AFAIK fingerprint scans do not always produce the same string of bytes. Each scan produces a particular "image", and there are algorithms that allow you to compare two different images and tell with a high certainty whether they were produced by the same finger. I guess all biometric scans (retina, DNA etc) work like that actually.

So, if all that's public is a hash of the fingerprint, unless you're really lucky to get the same string that was used to generate such hash, I don't think you'll be able to locate it.

Yup - for the key to be useful to identify a single individual the actual "fingerprint" would in fact already have to be some sort of hash that would be used for comparing fingerprints (rather than the raw scan data which of course would vary).

I was assuming this is how fingerprint DB's for forensics worked (but must admit I haven't researched it at all).


Title: Re: Decentralized Identity Management using the Block Chain
Post by: EhVedadoOAnonimato on July 11, 2012, 12:40:51 PM
How do you limit a single ID to a single person?

One idea that came to my mind was the following:

SHA2( fingerprint information ) == private key 1
SHA2( some pass phrase or personal info ) == private key 2

1) Import the private keys into your wallet then send perhaps a specific BTC amount to both addresses (the sending could be done from anywhere to hide IP). The purpose of this is to be able to find the public key of all registered voters (and to be able to prove you have registered to vote). Also to ensure that no other public key #2 can be used with public key #1 (i.e. identity theft).

2) To prove identity a fingerprint scan would be performed and then public key #2 would be determined from the registration txs in the block chain (of course you need to trust that the device checking the fingerprint only actually outputs the public key and does not keep the raw data and that you were not photographed using the device, etc.).

3) A voting token (say BTC0.001) is sent in a tx that will require two sigs (for the 2 keys).

4) Some time later (and most likely at a different physical location) you can "spend" your vote.


Wow... you're mixing 3 different things there. Don't you think it's too messy?

A decentralized voting system != decentralized OpenID provider (this topic) != decentralized currency.
AFAICT there's no advantage on making them all be the same system, only disadvantages. I'd recommend sticking to the unix principle of doing just one thing and doing it right - and making things capable of cooperating. The decentralized voting system could eventually use OpenID for authentication, and both p2p systems could eventually use bitcoin to provide monetary incentives to their users.
But they are all different systems, with different applicabilities.

Also, about your idea in particular, I'm not sure you can have the fingerprint in the private key. I'm not sure you can produce a unique hash out of all possible scans a finger can produce*. So, during the validation phase (2), the scanner would not be able to produce the same private key to derive the public key from.
Unless you also provide the original private key to the scanner, besides your thumb. Was that the idea?
If that's the case, and you're really going to trust the scanner like that not to output your private key, then what difference does it make if the fingerprint is a private key or just some hashed data in the public database?

* I'm not 100% sure of that. But I remember a friend who once used a fingerprint validation API, and he had to provide to the API both the scan output and what was saved in the database for the intended person. The API would tell if it matched or not. If it was possible to produce a common hash of all possible scans, then why wouldn't this hash be stored instead?
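
Added example, not part of the original thread: a small simulation of the objection in the post above, that repeated scans of one finger differ slightly, so SHA-256 of a scan gives unrelated keys while a threshold matcher holding the stored template still matches. The 256-bit feature vector, the noise level and the 10% threshold are constructed assumptions, not how any real fingerprint API works.

```python
import hashlib
import random

TEMPLATE_BITS = 256      # assumption: a scan reduces to a 256-bit feature vector
MATCH_THRESHOLD = 0.10   # assumption: matcher accepts up to 10% differing bits


def enroll(seed):
    """Constructed stand-in for one finger: a fixed pseudo-random bit vector."""
    rng = random.Random(seed)
    return [rng.getrandbits(1) for _ in range(TEMPLATE_BITS)]


def scan(finger, noise_bits, seed):
    """One scan of the finger: the same vector with noise_bits positions flipped."""
    rng = random.Random(seed)
    reading = list(finger)
    for i in rng.sample(range(TEMPLATE_BITS), noise_bits):
        reading[i] ^= 1
    return reading


def pack(bits):
    """Pack a list of 0/1 values into bytes, most significant bit first."""
    value = int("".join(str(b) for b in bits), 2)
    return value.to_bytes(len(bits) // 8, "big")


def derive_key(bits):
    """The thread's 'SHA2( fingerprint information ) == private key 1' step."""
    return hashlib.sha256(pack(bits)).digest()


def differing_fraction(a, b):
    """Fraction of positions where two equal-length sequences differ."""
    return sum(x != y for x, y in zip(a, b)) / len(a)


def bits_of(data):
    """Expand bytes into a list of bits, most significant bit first."""
    return [(byte >> s) & 1 for byte in data for s in range(7, -1, -1)]


def matches(reading, stored_template):
    """Similarity matcher: it needs the stored template, not just a hash of it."""
    return differing_fraction(reading, stored_template) <= MATCH_THRESHOLD


if __name__ == "__main__":
    finger = enroll(seed=1)
    first, second = scan(finger, 5, seed=10), scan(finger, 5, seed=11)
    key_diff = differing_fraction(bits_of(derive_key(first)),
                                  bits_of(derive_key(second)))
    print("scan vs scan, fraction of bits differing:",
          differing_fraction(first, second))
    print("key vs key, fraction of bits differing:  ", key_diff)
    print("matcher accepts second scan:", matches(second, finger))
```

Two scans that differ in a handful of bits hash to keys that differ in about half their bits, which is why the validation step cannot re-derive the same private key from a fresh scan.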


Title: Re: Decentralized Identity Management using the Block Chain
Post by: EhVedadoOAnonimato on July 11, 2012, 12:51:20 PM
Definitely want to bring your own fingerprint signing hardware ;)

That would just transfer the trust issue to the counter-party requesting your fingerprint to be checked.... s/he would need to trust your device not to be fraudulent.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 12:56:35 PM
Wow... you're mixing 3 different things there. Don't you think it's too messy?

Without a doubt trying to uniquely identify someone and then allow that person (and only that person) to perform a tx in a way that cannot later be deconstructed to then identify them is one very difficult problem (so any solution I think is going to be somewhat messy).

Also, about your idea in particular, I'm not sure you can have the fingerprint in the private key. I'm not sure you can produce a unique hash out of all possible scans a finger can produce*. So, during the validation phase (2), the scanner would not be able to produce the same private key to derive the public key from.
Unless you also provide the original private key to the scanner, besides your thumb. Was that the idea?
If that's the case, and you're really going to trust the scanner like that not to output your private key, then what difference does it make if the fingerprint is a private key or just some hashed data in the public database?

* I'm not 100% sure of that. But I remember a friend who once used a fingerprint validation API, and he had to provide to the API both the scan output and what was saved in the database for the intended person. The API would tell if it matched or not. If it was possible to produce a common hash of all possible scans, then why wouldn't this hash be stored instead?

Also for sure I don't know anything about how actual fingerprint software operates. I was really just trying to put out an idea that perhaps someone else could work out (or perhaps just disprove if what I'm suggesting is not actually theoretically possible).


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 12:58:29 PM
Definitely want to bring your own fingerprint signing hardware ;)

That would just transfer the trust issue to the counter-party requesting your fingerprint to be checked.... s/he would need to trust your device not to be fraudulent.

One very interesting technology that comes to my mind with regards to this issue is open source 3D printing (although the possibility of using this tech to create such devices is probably a long way away). :)


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Xenland on July 11, 2012, 12:59:33 PM
Definitely want to bring your own fingerprint signing hardware ;)

That would just transfer the trust issue to the counter-party requesting your fingerprint to be checked.... s/he would need to trust your device not to be fraudulent.
Exactly my point actually.... Fingerprinting is flawed to authenticate identity.. It only shows "significant evidence" you are authenticating your identity with only fingerprint. AFAIK a true fingerprint system would incorporate a Fingerprint, Eye scan as well as a unique password that is unique to the identity but then again that's for entering secure buildings by that method of authentication because as it's easy to kill someone and take their fingerprints, eyeballs (eww) and beat the password outta them before you kill them it shouldn't be possible to enter a secure building with a bloody finger, an eyeball (forget the password) lol


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 01:06:29 PM
Exactly my point actually.... Fingerprinting is flawed to authenticate identity.. It only shows "significant evidence" you are authenticating your identity with only fingerprint. AFAIK a true fingerprint system would incorporate a Fingerprint, Eye scan as well as a unique password that is unique to the identity but then again that's for entering secure buildings by that method of authentication because as it's easy to kill someone and take their fingerprints, eyeballs (eww) and beat the password outta them before you kill them it shouldn't be possible to enter a secure building with a bloody finger, an eyeball (forget the password) lol

Ouch - am now having nightmare visions of people turning up to voting booths with bags of eyeballs and fingers.  :o


Title: Re: Decentralized Identity Management using the Block Chain
Post by: phelix on July 11, 2012, 01:08:14 PM
Couldn't this be done with Namecoin? Namecoin is decentralized, cryptographically secure, and can be easily extended to have an ID or voting system.

http://dot-bit.org/Personal_Namespace
http://dot-bit.org/Namespace:Aliases


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 01:11:44 PM
Couldn't this be done with Namecoin? Namecoin is decentralized, cryptographically secure, and can be easily extended to have an ID or voting system.

http://dot-bit.org/Personal_Namespace
http://dot-bit.org/Namespace:Aliases

Interesting stuff (and makes Namecoin look more relevant), however, the problem when it comes to voting is one can create multiple identities and AFAICT this is the #1 problem that is so far lacking a de-centralised solution (hence why I threw out the bio-recognition idea).


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Bitcoin Oz on July 11, 2012, 01:18:30 PM
Couldn't this be done with Namecoin? Namecoin is decentralized, cryptographically secure, and can be easily extended to have an ID or voting system.

http://dot-bit.org/Personal_Namespace
http://dot-bit.org/Namespace:Aliases

Interesting stuff (and makes Namecoin look more relevant), however, the problem when it comes to voting is one can create multiple identities and AFAICT this is the #1 problem that is so far lacking a de-centralised solution (hence why I threw out the bio-recognition idea).


Politicians abuse this by getting dead people to vote. The diebold voting machines don't even use encryption. Heck I would be happy if the government sent me communications via gpg so all I had to do is gpg sign up at the voting booth.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 01:25:23 PM
Politicians abuse this by getting dead people to vote. The diebold voting machines don't even use encryption. Heck I would be happy if the government sent me communications via gpg so all I had to do is gpg sign up at the voting booth.

Indeed that was my thinking behind having 2 private keys (one that only the actual person has) - also I guess a registry of dead identities would be required (yes rather impossible with fingerprints if they were burned beyond recognition - DNA?).


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Bitcoin Oz on July 11, 2012, 01:35:12 PM
Politicians abuse this by getting dead people to vote. The diebold voting machines don't even use encryption. Heck I would be happy if the government sent me communications via gpg so all I had to do is gpg sign up at the voting booth.

Indeed that was my thinking behind having 2 private keys (one that only the actual person has) - also I guess a registry of dead identities would be required (yes rather impossible with fingerprints if they were burned beyond recognition - DNA?).



I don't know about that. But I do know I've never been ripped off using bitcoin-otc.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 01:45:35 PM
I don't know about that. But I do know I've never been ripped off using bitcoin-otc.

Sure - the idea of identifying a person uniquely is very different concept from creating a WoT (although it may actually be possible to use the blockchain technology to do both things).

For sure a WoT is the key thing for doing trading with other entities.

Identifying individuals is only critical if we want to be able to support a democratic style of voting in a de-centralised manner (something I think would be an amazing feat to achieve).


Title: Re: Decentralized Identity Management using the Block Chain
Post by: CIYAM on July 11, 2012, 01:48:52 PM
btw - in regards to WoT I had previously posted some thoughts regarding using the blockchain here: https://bitcointalk.org/index.php?topic=87339.0


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Bitcoin Oz on July 12, 2012, 02:14:56 AM
When there are numerous bitcoin-otc sites sharing trust metrics that will be a decentralized wot.

You simply need to define a sharing protocol between all the disparate sites.

Free market rating agencies ftw.


Title: Re: Decentralized Identity Management using the Block Chain
Post by: Elwar on July 12, 2012, 06:13:33 PM
Perhaps your DNA sequence could be used.

Add an extra digit to distinguish between twins/triplets/etc (1 for first born, 2 for second...)


Title: Re: Fully Decentralized/P2P Public Key Infrastructure (PKI) w\ Bitcoin blockchain
Post by: allten on July 19, 2012, 11:59:28 PM
updated the OP (7/19/2012)

Updated the Title
Old Title: Decentralized Identity Management using the Block Chain

Thanks to all for the responses and resources. When I originally had this idea, I had no experience or knowledge of what already existed on the net.
Wasn't even sure what to call it. The Web of Trust was by far the closest to what I had envisioned.
(see http://privwiki.dreamhosters.com/wiki/Distributed_Web_of_Trust_Proposal_2)

My idea isn't new at all and there are many similar applications and projects online.

I came across an article today that was a gold mine of information and the first part lays the foundation to web of trust, decentralized ID system, and others.

Beyond “web of trust”: Enabling P2P E-commerce
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.15.82&rep=rep1&type=pdf

I'm considering starting a github repository where the technical aspects of this PKI using the blockchain can start to be formed.

If this is conflicting with anyone's efforts, please let me know. Also, PM me if you would like to be part of the project.


Title: Re: Public Key Infrastructure (PKI) built on the blockchain.
Post by: Ichthyo on July 20, 2012, 10:16:39 PM
Wow guys....

just came across that thread, a lot of intriguing ideas.

Just the moment before, I stumbled over this thread and commented:
https://bitcointalk.org/index.php?topic=93848.msg1043586#msg1043586

Basically what I wrote there fully applies to this discussion here as well...


We should not try to develop "applications" or even "killer applications". This will just carry us away into diversification.

Rather, this topic should be approached similar to the layered network architecture, which was so successful with the Internet.


Foundation layers.... pick as you see fit. Internet, cell phone, smoke signals, who cares... ;)
Network layer: Bitcoin network + namecoin network or a hybrid / linked approach
Transport layer: this is what we try to put together here

Application layer: basically any administrative / governmental protocol can be built on top.


What would be the service provided by this "transport layer"? A timestamped, provable, irrevocable administrative act, linked to other prerequisite administrative acts. Note: the actual content and meaning of these administrative acts is application-dependent, just like the actual meaning and specific protocols in the internet are application-dependent.

Certifying trust would be an example for such an act. In most cases, such an act would not happen out of thin air. Rather, it would require some prerequisites, like some kind of "payment", or "title" or "approvement" or some other act provided in exchange.

To repeat my example of the "Anonymous insurance".
You pay and acquire insurance tokens in return.
Some incident happens, forcing you to draw on your insurance: now you contact a survey report service, which confirms the incident/damage and signs a sufficient amount of insurance tokens. These signed insurance+survey tokens now allow you to receive payment by a cooperating payout settlement service.

Note: none of the involved entities need to know and store the full disclosure of what happened.
  • the insurance company can do the bookkeeping, keep the balances sane and calculate the insurance rates, without needing to know anything about what happened to you. It just sees the signed insurance tokens sent back from the payout settlement service
  • the survey report service doesn't need to know anything about your financial situation. In fact, it doesn't even need to know which is the insurance company, nor does it need to judge the financial consequences of its reports. Yet, the survey service gets its payment, based on the signed insurance tickets
  • similar situation for the payout service. It doesn't even need to know that you get a payout due to an insurance relevant incident. It just does payouts in exchange for signed administrative-act tickets

Only you as the customer link together these parts and drive the process. You remain in control. Obviously, these cooperating parts need to trust each other. And this way we're entering recursion....


Hopefully you get my point: any administrative or governmental act could be done in such a peer-to-peer fashion. And the necessary technical infrastructure is already there....





Title: Re: Bitcoin's Decentralized PKI (Public Key Infrastructure)
Post by: allten on July 24, 2012, 05:40:30 PM
Update OP: 7/24/2012
 
Still playing around with the title. Now, the name is just right IMO in describing where I hope this thread and project will go. I had debated about using the word "decentralized" since the name Bitcoin already implies this; however, the implementation of this PKI compared to the majority out there is decentralized in so many ways that I decided it had to be there.

Here's some good material of the technology already out there.
http://highsecu.free.fr/db/outils_de_securite/cryptographie/pki/publickey.pdf
http://en.wikipedia.org/wiki/Public_key_infrastructure
http://en.wikipedia.org/wiki/Digital_signature




Title: Re: Bitcoin's Decentralized PKI (Public Key Infrastructure)
Post by: allten on August 10, 2012, 12:11:35 AM
Update OP: 8/09/2012

Looking into the more technical aspect of how to store data on the block chain; so far, I've found these two methods:

1) Uses multiple outputs to send a message (store data). Each output address is data; therefore, the coins are destroyed.
https://en.bitcoin.it/wiki/Block_chain_message_service

2) Transaction with a message inside the script
https://en.bitcoin.it/wiki/Script#Transaction_with_a_message

Mike Hearn makes some good points about the first method that I believe also applies to second.
https://bitcointalk.org/index.php?topic=47283.msg607667#msg607667

Also, if I understand correctly, there are other ways to embed messages (data) into the transaction that are less likely to be (pruned) and deleted, but I'm still leaning towards #1.
Here's my reasoning:

* It requires more bitcoin to add data into the block chain when using the addresses in the outputs. Because of all the costs, it should satisfy any naysayer because the creator of the transaction "paid for it". Even if someone doesn't agree with the blockchain being utilized this way; well, who cares, those users burning their coins are making the rest of us more wealthy.

* When the question is asked "What uses does bitcoin have beyond just financial transactions?", you will now have an additional reason to give: pay miners to add data in the most distributed, secure, and accessible database in the world.

* Also, it would still be friendly to those that only want to manage a pruned/trimmed blockchain. As Michael Hearn pointed out, transaction outputs that will clearly never be spent can be deleted with no worry of anyone spending them.

I've also been thinking about adding in the technical document that all the coins used on undependable outputs for "Bitcoin's Distributed PKI" will be available for miner rewards once all the block rewards are finished. A new type of generation transaction could be created that would allow miners to collect those coins based on certain rules. This would give incentive to maintain all the unspendable outputs used in the PKI in the block chain database.
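
Added example, not part of the original post: a sketch of method 1, where each output "address" is really 20 bytes of data wrapped in Base58Check, so nobody holds a key for it and the coins sent there are destroyed. The 2-byte length prefix and zero padding are a constructed framing for this illustration, not the format used by the wiki's Block chain message service, and the sample message is constructed.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
CHUNK = 20  # a pay-to-pubkey-hash address carries one 20-byte hash160 field


def checksum(data):
    """First 4 bytes of double SHA-256, as used by Base58Check."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]


def b58check_encode(version, payload):
    raw = bytes([version]) + payload
    raw += checksum(raw)
    n = int.from_bytes(raw, "big")
    out = ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    # each leading zero byte is written as a literal '1'
    pad = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * pad + out


def b58check_decode(addr):
    n = 0
    for c in addr:
        n = n * 58 + B58.index(c)   # ValueError on a non-Base58 character
    pad = len(addr) - len(addr.lstrip("1"))
    raw = b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")
    data, check = raw[:-4], raw[-4:]
    if checksum(data) != check:
        raise ValueError("bad Base58Check checksum")
    return data[0], data[1:]


def message_to_addresses(message):
    """Split length-prefixed data into 20-byte chunks, one fake address each."""
    framed = len(message).to_bytes(2, "big") + message
    framed += b"\x00" * (-len(framed) % CHUNK)
    return [b58check_encode(0x00, framed[i:i + CHUNK])
            for i in range(0, len(framed), CHUNK)]


def addresses_to_message(addresses):
    """Recover the data from the output addresses, in output order."""
    framed = b"".join(b58check_decode(a)[1] for a in addresses)
    length = int.from_bytes(framed[:2], "big")
    return framed[2:2 + length]


if __name__ == "__main__":
    sample = b"constructed sample: PGP key id 0xDEADBEEF for alice"
    outputs = message_to_addresses(sample)
    for address in outputs:
        print(address)
    print(addresses_to_message(outputs))
```

Each 20 bytes of data costs one output, and a reader needs the outputs in their original order to reassemble the message, which is the cost trade-off the post weighs against embedding a message in the script.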