- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Tue, 14 Jun 2016 12:13:59 -0400
- To: public-credentials@w3.org

On 06/14/2016 11:10 AM, David Chadwick wrote:
> But if I had a public key specifically minted for one
> requester/relying party, and all my issuers would bind my claims to
> this, then I could prove possession of all credentials to this
> requester/relying party. And I would not actually need to register
> this public key anywhere as I can always prove possession.

Except for when you lose the key. Or when the key size is no longer large enough. Anything tied to the key becomes invalid if the key goes away. Lose your key, lose your "identity".

HD Keys provide some protection against this, unless you lose your master key. This is why WebDHT enables you to do M-of-N signatures to recover access to your decentralized identifier (Subject Identifier) by having your friends/family assign a new key for you.

Hope that helps explain why we abandoned public keys as long-lived identifiers a while ago.

-- manu

--
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: The Web Browser API Incubation Anti-Pattern
http://manu.sporny.org/2016/browser-api-incubation-antipattern/

Received on Tuesday, 14 June 2016 16:14:24 UTC