- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Mon, 29 Oct 2018 17:20:42 -0400
- To: public-credentials@w3.org
On 10/29/2018 01:07 PM, Chris Boscolo wrote: > For example, one thing we would love to see is for IoT devices to > play a role this new DID/VC world we are building. Many of these > embedded systems already have a minimal JSON parser, as well as > Base64 libraries and hardware encryption support. That means they > could build a JWT version of DID/VC over the weekend (figuratively). > Requiring them to update to a new JSON-parsing library to support > this is a barrier to adoption. JSON-LD has already been adopted as a a standard encoding mechanism used by Internet of Things and Web of Things devices: https://www.w3.org/TR/wot-thing-description/ Here is a list of companies building IoT devices that are using JSON-LD to do so (e.g. Toshiba, Panasonic, Siemans, Fujitsu, Huawei, etc.): https://www.w3.org/2000/09/dbwg/details?group=95969&order=org&public=1 > BTW, as one who has developed protocol-level encryption software, the > comment "ability to add non-signature-destroying whitespace" makes me > cringe. It seems like it is just needlessly opening the door to a > new attack vector. Note that we have experience writing cryptography / digital signature / encryption software that is broadly deployed as well (several million+ installs per week)... so, I'm asking this question from that perspective: What's the specific attack? The details matter. -- manu -- Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) Founder/CEO - Digital Bazaar, Inc. blog: Veres One Decentralized Identifier Blockchain Launches https://tinyurl.com/veres-one-launches
Received on Monday, 29 October 2018 21:21:13 UTC