Feature Request: Estonian E-resident proof

[virgil]

I recently got an Estonian e-residency card. The card has a private key on it. I would like to be able to prove my e-residency identity on Keybase. As a bonus, this gives Keybase.io a passport level verification of my identity.

[OliverCole]

I don't know much about the Estonian implementation. If I had a signed statement, via keybase, that claimed your keybase account was owned by the Estonian citizen represented by key X, how would I verify that specific proof?

Are all the corresponding public keys available online?

[martinpaljak]

I once asked about it: https://twitter.com/martinpaljak/status/695487376966164481

Every certificate owner has a personal id code (something like SSN, except it is public information) which could be considered as a username. So if I can provide a signature for a statement with a valid certificate, I "claim" the username (which is unique, unlike my real name for example). For me this would be 38207162722, this information is also in the certificate.

You can query keys via LDAP, but that's not the point, every user should provide their own certificate with identity information with the claim, that can then be verified by keybase.

[zQueal]

It seems possible, however, it doesn't seem to be free to validate identities. Obviously cost overhead isn't very ideal to validate identities. Additionally, it would require both Keybase and the end user to trust the verification system already in place.

[martinpaljak]

Certificate validation based on OCSP is not freely available, unfortunately. But as the identity in the certificate does not change and the claim itself is not time-critical, CRL can be used instead (which is freely available).

[j15e]

Since you have to put time, money & travel efforts to get your card & prove your identity at an embassy, it could be a good way to confirm an identity. But indeed I do not see yet how to make a simple claim system out of this.

[pdehaye]

I would definitely encourage you to do this on keybase.

[beezly]

I think there is an OCSP responder at http://ocsp.sk.ee/ - I've applied for e-residency so I'll try my card when I get it, but if someone else wants to give it a go in the mean time?