apw: It seems like you are oversimplifying
the problem space to an enormous degree. For instance, if
I present you with a valid cert, how do you know that it is
actually mine? If we have no pre-defined trust
relationship, you can't know. But then let's say we do
have a pre-defined trust relationship, and someone
identifying themselves as me with my cert tries to make
some kind of transaction with you. This requires you to
trust me in two very important (but distinct) ways: first,
you need to trust that I am technically competent enough to
keep my private keys to myself. And second, you need to
trust that I am reliable enough a person that I am not
going to give someone else my private key. It's not as
simple as saying "let's all get smart cards and make browser
plugins" - it is a rich and complicated area of research.
If it were an easy problem, it would be solved by now.
People have been working on this for a couple of decades.
It's good to think about, but please realize that there is
a lot of hard work still to be done. And it isn't all just
technological. If you're aiming to have a solution to
counter Passport, there are a number of existing projects
to look into. I'm involved in the Internet2 web-iso and
Shibboleth projects, for example. I know that there are
many others. Just some food for thought.