Yes it's very close. The only reason it will fail for private citizens is the device needs to be easily auditable for correctness. The auditing process needs to be at least simple enough that children in public schools can be taught how to assess their PKI dongle to make sure it's real and trustworthy.