You could, but then it wouldn't be there in the record proving it happened when you say it did.
Ideally, there would be a scheme that would allow a user to put their own selected public certificate in the camera, and that acts as the hardware ID as it gets signed by the camera's internal certificate, or maybe it has to be signed by the manufacturer with their user registration validation certificate, and the camera only allows uploads that check against the shipped public certificate?
You
will sign this image!
I mean, it's more like 'you better sign this image or nobody will believe it ever happened!'
I have very little understanding of how certificates work but wouldn't that require the camera makers to create server space to store the public certificates? Massive server storage space.
First, I was specifically trying to avoid having any central repository that could be compromised.
Second, back of the envelope: Nikon sells a bit under 1M cameras/year. At maximum size a key is 256 bytes in addition to whatever bytes are needed to identify it. Simple .csv file, serial number,base 64 encode of the key
I haven't looked at all Nikon serial numbers, I doubt any exceed 20 digits. 256 for the key, 342 after the base 64 encode. 3 characters of overhead. 365 characters per camera. Every month Nikon uploads a magnet-compatible torrent of what they produced that month, it's in the 40 megabyte range. In reality it's going to be a lot smaller because they aren't going to put such stuff in everything the build. My hard drive from the 90s shivers in terror. My DSLR writes more than that every time I push the button.