Identity assertions with Bitcoin instead of CA in Payment Protocol?

[grau]

https://eprint.iacr.org/2013/622.pdf

The authors of the paper claim in the abstract:

In this work we propose a novel anonymous credential scheme that eliminates the need for a trusted
credential issuer. Our approach builds on recent results in the area of electronic cash and uses techniques |
such as the calculation of a distributed transaction ledger | that are currently in widespread deployment
in the Bitcoin payment system. Using this decentralized ledger and standard cryptographic primitives,
we propose and provide a proof of security for a basic anonymous credential system that allows users to
make exible identity assertions with strong privacy guarantees. Finally, we discuss a number of practical
applications for our techniques, including resource management in ad hoc networks and prevention of
Sybil attacks. We implement our scheme and measure its eciency.

If that holds shouldn't Payment Protocol's use of CA be revisited?

[1715326488]

1715326488

[1715326488]

1715326488

[1715326488]

1715326488

[1715326488]

1715326488

[Gavin Andresen]

If that holds shouldn't Payment Protocol's use of CA be revisited?

No. If their anonymous credential scheme is successful (and I hope it is!), then the payment protocol should be extended to use it. The payment protocol is quite carefully designed so that replacing the public key infrastructure system is easy.

[Mike Hearn]

It doesn't solve the same problem. What they're doing is anonymous credentials a la anonymous passports/SINs/fidelity bonds. These are not identities that are intended for humans to work with directly, which is why their example applications are things like TPM DAA systems or anti-sybil in P2P networks, and not a replacement for SSL CA's.