> The public is blind to this but the technology (GPG) exists to authenticate people's identities.
There's also the technology to make it far simpler, in the form of Namecoin. I've registered a NameID (in the id/ namespace), and I can tell anyone in the world that my NameID is vshell. They can look me up, find my GPG key, my website, and whatever other information I want to put in there. Nobody can fake it.
The main issue is going to be revocation - if someone manages to take control of my NameID, I can't get it back. I can use multi-factor authentication like BitGo provide for Bitcoin, but that's not a 100% guarantee. I could sign "I am no longer this person" with my NameID key and my GPG key and distribute that, but there'd be no safe way to say "I am now this other person", because they might've taken my GPG key as well and they could say that. You're essentially going to have to build up your web of trust from near-scratch, starting with physical trust (i.e. people who can verify who you are physically).
There's also the technology to make it far simpler, in the form of Namecoin. I've registered a NameID (in the id/ namespace), and I can tell anyone in the world that my NameID is vshell. They can look me up, find my GPG key, my website, and whatever other information I want to put in there. Nobody can fake it.
The main issue is going to be revocation - if someone manages to take control of my NameID, I can't get it back. I can use multi-factor authentication like BitGo provide for Bitcoin, but that's not a 100% guarantee. I could sign "I am no longer this person" with my NameID key and my GPG key and distribute that, but there'd be no safe way to say "I am now this other person", because they might've taken my GPG key as well and they could say that. You're essentially going to have to build up your web of trust from near-scratch, starting with physical trust (i.e. people who can verify who you are physically).