Today, (2025-09-30) I was at the Truth and Reconcilliation event on Parliament Hill.
Einaguzi spoke. Here is a link: Parliament Hill T&R event (I wish I had a non-youtube link. I asked aptn.ca for one)
Einaguzi was sent to a “day school” at age six, and it took him a year to figure out who “Richard Kistabish” was, and that it was him. Because that wasn’t his name. It is now. It’s his legal name. Changing names is hard and annoying, and yet in a digital age, it should not be. Fundamentally, this is because governments and institutions still live in the 1980s: computerized, but not actually compute clueful.
Meanwhile there are other people who would like to “repatriate” control over their name. To control their identity, their pronounces, and what details they reveal to whom. (PS: “Identity theft” is nonsense. It’s the banks blaming the victim for their own incompetence around inability to compute)
The UK and some parts of Europe now have byzantine age verification rules, which place the onus on private companies to verify their customers, but then do not hold them responsible for doing it wrong. And the governments and regulators don’t seem to help them get it right. Canada now thinks we have to do the same thing in order to regulate gambling.
Well, we kinda, almost got it right when it came to the vaccine proofs. Canada/US went for the JSON form of verified credential, while Europe went for the CBOR form (which is smaller). Neither quite got the selective disclosure part right. Nobody should care what your name, age or birthdate is: only if you are vaccinated. The bouncer at the club also doesn’t care who you are, only if you are over 18. (or 21. Or..)
Banks shouldn’t even care what your name is. What they should care about is what your tax identity is, so they can report to the tax authority about how much money you have. They don’t actually even need to know your tax identity itself, they need to know that you have one, and that when they report to the government, that’s it’s legit. Think about that: Canadians (SIN) and Americas (SSN) worry about having their numbers disclosed because it means that someone else can use that with another bank to commit fraud. (Again, that’s the other banks’ problem). Why should we give a shit? That’s other banks’ problem.
What do I suggest? Every Canadian should be (at their option: this needs to be a gradual, incremental process, not that CRA ever listens) issued a Verified Credential (not a blockchain thing, btw) by the Government of Canada. We will need significant experience since many people will lose access to the private key that is endorsed. That’s why it has to be done slowly. Better to have your private key inaccessible and/or accidentially destroyed, than disclosed: we have the technology to do this.
The credential, an SD-CWT if I have my way (see https://datatracker.ietf.org/doc/draft-ietf-spice-sd-cwt/, but coming to an RFC soon), is a selective disclosure credential. That means that the holder of the credential can decide what details to disclose on a transaction by transaction basis. It also should mean that they can use the credential to make up as many additional pseudonymous credentials as they wish, signing them with their main credential. A blinding service would also be necessary, as that signature otherwise reveals who it really is, but this would be part of the service from gc.ca.
But for many things, the blinding is not important. Einaguzi would use his government issued “Richard Kistabish” credential to sign a new credential giving his name as Einaguzi. That would immediately satisfy banks, online systems, email systems, etc.
No more “blue verified badge” nonsense. If you want to be identified online, you can be.
At some point, a government (including a tribal council, etc.) would acknowledge the change (if Einaguzi desires it), and then would issue a new credential, and the chain of signatures would be reversed. Instead of Einaguzi, legally known as Richard Kistabish, it would now become legally Einaguzi, (formerly known as Richard Kistabish).
If someone is transitioning, they would do something similar. This time they might want a blinded credential as well as a sub-credential. Most of the time, they would use a blinded credential with their chosen gender and pronouns. However, if trying to cross the border into some intolerant/fascist country, they might decide to use their original (deadname) credential, if it seemed safer to present that way. (Not my place to decide: there are many complicated tradeoffs here) When going into a bank for the first time after, they might want the non-blinded credential to prove their (new) identity is replacing their old identity.
Could the Canadian government do this? I think with the right management it could be done.
Do I think that today’s government (“Shared Services” or CBSA or CRA or Aboriginal Affairs) can manage it? Not with current leadership.
Could the PM get on board with this? I bet he could.