Could the new addition of relaying OP_RETURN data txout as provably prune-able (https://github.com/bitcoin/bitcoin/pull/2738) help with passports in some way?

As far as I get it, the main problems are still the fact that miners can mine their own sacrifices, and hence the risk needs to be mitigated somehow, orphans, and somehow maintaining a blacklist?

Sounds very good as is, but cynical old me has spotted a danger I would like everyone to consider.

The blacklists are local to the individual services under this model, but the blockchain containing the passes is, of course, global. This service specific blacklist information has a value to others though, and I'm imagining a consequential scenario of such a system becoming commonly used. 

If third party services spring up that purchase and aggregate the blacklist information from those services using pass-based registration, then there develops an incentive to be done with it and globalise the blacklist as well. This creates all sorts of problems, not least bloating the blockchain with tattle-tales, but more problematic is that of overly politicised blacklisting (it's arguably always "politicised", and that's not strictly always a bad thing when your overriding political view is that you cannot tolerate spammers and trolls diluting good content/discourse). But of course, politics can be malicious as well as benevolent for the wielder of the political tool, and so you may end up with a system that elicits wilder distortions in behaviour than today's free-for-all can manifest. For instance, being trolled and spammed exclusively by those with the means to pay might be an even more unhappy experience than what we live with now. And so you substitute one set of pests for another, and simultaneously incentivise everyone to behave similarly to how they do with service registration now, expect you have to pay to register, and for broadly the same conditions as we have now. That wouldn't be such an improved situation.

Still, this scheme is not going to get widely adopted any time soon, it requires a more Bitcoin centric (if not Bitcoin ubiquitous) world such that a minimum of some critically significant minority are actually in a position (the position of being a Bitcoin user) to pay for the passes. So there is alot of time and contemplation to refine something like this, and perhaps this issue should play out on a smaller scale before we can establish sensible best practices. It's fairly vital that this happens actually, as this is a powerful and important concept, given the requisite adoption of both Bitcoin and theses passes. One possibility is that the services are encouraged to treat the blacklists as any other highly sensitive user information is, at the behest of preventing the descent into the model of a globalised blacklist tyranny.

Incidentally, maybe just "passes" is a better name, or some post-internet monstrosity like "e-pass". Passport does have too much association with nation-state infrastructure, and this system largely transcends the nation-state, in that familiar old internet fashion.

Hmmm, they can't be absolute identities, as by definition you can obtain more than one (just like actual passports). And an identity based on your DNA has the smallish problem of identical twins.

None of the SIN data is in-chain except for the sacrifice transactions.

The main bitcoin blockchain is only used for timestamping a hash of the public key (SIN type 1).

SIN type 2 is completely off-chain, because it is not associated with any sacrifice.

and chimeras

all this talk about linking to real identity, why on earth would you want to do that. its essentially just a fancy fidelity bond. the less one party knows about the other party the better it works.

Would it not be much easier to destroy coins as a sacrifice?

also: http://nameid.org   a Namecoin id based OpenID provider

That's the general idea.

Your markets can be decentralized, as long as the identity protocol is agreed upon.

You control your own level of privacy.  You choose to whom your identity is revealed, and beneath that, the meaning of the hashes attached to your SIN record.

In theory SINs could be blinded too:

You write a small program that takes in a SIN SPV fragment, a site name, a minimum sin value, and the private key for the sin. It verifies the SPV fragment, then uses deterministic DSA to sign the sitename and computes then returns {sitename, minimum sin value, H(txid || signature)}.

You run this problem inside a zero-knoweldge proof-of-knoweldge environment and the result is a unique ID per site which proves that there exists a sin of at least the stated value, but no information about which transaction is the SIN.

(The actual implementation of this is annoyingly complex, but we should try to nag the people working in this space to use it as an example application since it's probably the simplest use of these kinds of proofs which would have a big practical value to us)