Proof of identity is not fine because the identity is an issue-once static identifier. It is the weakest link in any security scheme because the general population cannot roll it over. Once it is exposed, it is exposed forever, so it's a liability to the user, not an asset.
Proof of identity is not fine because the identity is an issue-once static identifier. It is the weakest link in any security scheme because the general population cannot roll it over. Once it is exposed, it is exposed forever, so it's a liability to the user, not an asset.
Imagine you cannot change your password.