We know that usernames and passwords are broken, password resets are, SSL certificates, hacks like certificate pinning etc. and many other things.
Apparently even domain name ownership proof is just as broken: there seems to be no method to authoritatively determine whether somebody who claims to own a domain actually does.
If somebody came to me and said they had designed that thing that was going to be great, called the internet, and it had all those identity problems, I’d be sending them back to redesign. #frustrated
One response to “Is there anything about identity on the internet that’s not broken?”
Not fair to rant an not offer a solution, dude. :-)