W3C home > Mailing lists > Public > public-credentials@w3.org > June 2016

Re: decentralised

From: David Chadwick <d.w.chadwick@kent.ac.uk>
Date: Tue, 14 Jun 2016 08:30:46 +0100
To: Dave Longley <dlongley@digitalbazaar.com>, W3C Credentials Community Group <public-credentials@w3.org>
Message-ID: <01cd22ca-1ab3-eac4-7c33-cbe1e550208b@kent.ac.uk>
On 13/06/2016 19:36, Dave Longley wrote:
> On 06/12/2016 10:30 PM, Timothy Holborn wrote:
>> I'm listening to: http://w3c.github.io/vctf/meetings/2016-06-08/
>> @~40 minutes an issue about whether or not the Decentralised
>> identifier methodology works and until their is something that exists
>> with a million or so use it - it's a research project..
>>
>> So, Internet protocol and the Domain Name Server methodology, how's
>> that not a decentralised identifier system for machines?
> 
> It is, but it's not self-sovereign.
> 
> http://opencreds.org/specs/source/webdht/
> 
> "The Web currently does not have a mechanism where people and
> organizations can claim identifiers that they have sole ownership over.
> Identifiers, such as those rooted in domain names like emails addresses
> and website addresses, are effectively rented by people and
> organizations rather than owned. Therefore, their use as long-term
> identifiers is dependent upon parameters outside of their control. One
> danger is that if the rent is not paid, all data associated with the
> identifier can be made temporarily or permanently inaccessible. This
> document specifies a mechanism where people and organizations can
> cryptographically claim ownership over identifiers such that they
> control them and the documents that they refer to."
> 

Is the decentralised registry mandatory to use in our model?

How do public keys fit into this model? If my device creates its own key
pair, and I am the only person in control of the private key, why would
I 'need' to claim ownership of this by registering the public key in the
decentralised register. It 'might' be advantageous to me if I want
everyone to know this key (like a PGP key store is for PGP keys), but it
might also be disadvantageous to me, if I want my keys to obey the same
origin policy, as in the FIDO model.

regards

David
Received on Tuesday, 14 June 2016 07:31:07 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:29 UTC