- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Wed, 1 Aug 2018 09:19:49 -0400
- To: public-credentials@w3.org
On 08/01/2018 03:57 AM, Carlos Bruguera wrote: > Is there any literature, ongoing work or specific aspect of the > present DID/credential development that allows an entity to utilize > x.509 certificates as verificable credentials within the > decentralized ecosystem? The desire is there, and some of the building blocks for x.509 are re-used (RSA Signatures, etc.). It wouldn't be difficult to identify a few use cases where you have a DID Document point to an x.509 certificate and vice versa. I think the issue is that the use cases haven't been identified yet. For example, here's one that comes to mind: Enable someone to claim that an email address is theirs and provide proof that a Certificate Authority has attested to that fact via an x.509 certificate. You could easily add a link to the x.509 certificate in the credential.evidence field. You could also bind the x.509 certificate using the SAN field, placing a DID into that field. ... but all that said, it would probably just be easier for an entity to issue a verifiable credential that doesn't have the indirection in it. In any case, I think the first step here is to find a compelling use case. Perhaps stating that a domain is yours would be a better use case? -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: Veres One Decentralized Identifier Blockchain Launches https://tinyurl.com/veres-one-launches
Received on Wednesday, 1 August 2018 13:20:42 UTC