Comment by Mindwipe

> Presentation of someone else's valid credentials is not fixable by any privacy-preserving mechanism.

And that is precisely why governments will never implement a privacy-preserving mechanism, which is exactly my point.

Compromised tokens would be trivially google-able within a day otherwise.