- From: Andrew Hughes <andrewhughes3000@gmail.com>
- Date: Tue, 4 Dec 2018 20:54:04 -0800
- To: daniel.hardman@evernym.com
- Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
- Message-ID: <CAGJp9UavrjiRz7kLBeDebs1pYTrHviZArXWWXADsjFP_B8=bxA@mail.gmail.com>
<<<inline>>> On Tue, Dec 4, 2018 at 8:39 PM Daniel Hardman <daniel.hardman@evernym.com> wrote: > I like this list. It's a good summary. I just wanted to comment on nuances > of 3 of them. > > >> 5) includes the associated DID Document, which may contain material used >> to authenticate the DID, the DID Document, and the DID 'owner/controller' >> > > I have run into this sort of verbiage before, that a DID "includes" a DID > Document. I think the phrase "is associated with" or "may be associated > with" is more accurate. A DID that has been created but not yet written to > anywhere that associates it with a DID Document is still a DID, is it not? > <<<ACH: A DID without a DID Document cannot be authenticated, so might not be too useful :) 'associated' is from the spec text. > > a) DID authentication may use cryptographic proofs to demonstrate which >> entity is the 'owner/controller'. >> > > Using the "owner" metaphor for DIDs has some interesting legal baggage; we > might be better served to favor "controller." See > https://medium.com/@hackylawyER/do-we-really-want-to-sell-ourselves-the-risks-of-a-property-law-paradigm-for-data-ownership-b217e42edffa > > <<<ACH: we should probably include text somewhere that differentiates between 'controller', 'creator', 'subject' (and other role-type entities that I've missed). And the fact that entities can be zero, one or many of these 'roles'. > b) When cryptographic proofs for DID authentication are used, this enables >> special properties associated with zero knowledge proofs such as selective >> disclosure, <<what is this list?>> >> > > I don't think ZKPs have anything inherent to do with DIDs or DID > authentication, or that DIDs do anything special to enable selective > disclosure--unless you're talking pairwise DIDs to manage correlation. DIDs > may be used in conjunction with ZKPs and selective disclosure, but I don't > think either requires the other. Is there some connection here that I'm not > considering? > > <<<ACH: yes - correct - this point was also explored in the previous few emails - b) strays over the line into 'what are they good for' instead of sticking strictly with 'what are they'. However, any special properties might be put here that highlight the benefits of cryptographic proofs.
Received on Wednesday, 5 December 2018 04:54:39 UTC