The comment was not dumb. You are paving over some important terrain here.
Solutions for commerce will arise from commerce itself. Any decent e-tailer has a password system which eliminates the problem you describe. Also, they rely heavily upon a presumption of good-enough security in the credit card system.
Regulating commerce is not the same as shoe-horning it into slow-moving, inflexible government mandated solutions to problems that go away long before the "solutions" do.
We already have a mostly satisfactory system of ID verification in place, negotiated between consumers and suppliers, who both, after all, insist that the thing work.
Here's a chestnut: "There's no chance that a centralized database will emerge." Nonsense. That is *exactly* what will emerge. Do not start this project if you do not want to see it finished.
Incidentally, if ISPs would block forged headers, many of our current problems would not exist, and as has been pointed out, IPv6 will solve many of the (very) near future problems. hard-coding a person to IP address is not necessary. I'll be happy to be *officially* DHCP to the world, and DynDNS if I want more.