There are numerous security issues on the net. Long ago, we developed digital certificates to identify hosts, domains, organizations, and even individuals. The issue with individual digital certificates is that they are NOT truly vetted. Worse, this has led to the creation of new services such as ID.me, which now take all of a person's information, such as driver's licenses, passports, and military IDs, and store it in their own databases. In other words, we are now seeing our information spread all over.
The reason is that few people use digital certificates, due to high costs and the difficulty of being vetted. REAL ID is about vetting a person to an ID. This needs to be extended.
I suggest that whenever a US federal or state agency issues a physical ID such as a passport, driver's license, state ID, or military ID, and the person was vetted under REAL ID, DHS also issues a digital certificate. By default, DHS can generate the public/private key pair and then have the VDC (vetted digital certificate) held by the United States Postal Service (which then maintains a server paid for by the US).
Alternatively, a person going in for any of these items can generate their own public/private key pair and simply give the public key to the office (USPS, state driver's license office, or military). They can also choose to have one of the public CAs handle the VDC instead of the USPS, assuming that the individual then pays the CA.
This allows for digital signing, data encryption (such as for email, texts, and IMs), and true authentication. Even when used by social media, it can properly authenticate and identify an individual, though the platform does not need to give up the individual's name (i.e., they can continue to use a pseudonym).
Likewise, when reading news or postings, a user can tell whether the author is somebody who is vetted or just another hollow that could be from a foreign nation that is astroturfing and manipulating.
Giving a VDC with each ID at least allows for truly authenticating and identifying who is doing something, while still leaving the possibility of anonymity open for social media, etc.