Re: decentralised

On 13/06/2016 19:36, Dave Longley wrote:
> On 06/12/2016 10:30 PM, Timothy Holborn wrote:
>> I'm listening to: http://w3c.github.io/vctf/meetings/2016-06-08/
>> @~40 minutes an issue about whether or not the Decentralised
>> identifier methodology works and until their is something that exists
>> with a million or so use it - it's a research project..
>>
>> So, Internet protocol and the Domain Name Server methodology, how's
>> that not a decentralised identifier system for machines?
> 
> It is, but it's not self-sovereign.
> 
> http://opencreds.org/specs/source/webdht/
> 
> "The Web currently does not have a mechanism where people and
> organizations can claim identifiers that they have sole ownership over.
> Identifiers, such as those rooted in domain names like emails addresses
> and website addresses, are effectively rented by people and
> organizations rather than owned. Therefore, their use as long-term
> identifiers is dependent upon parameters outside of their control. One
> danger is that if the rent is not paid, all data associated with the
> identifier can be made temporarily or permanently inaccessible. This
> document specifies a mechanism where people and organizations can
> cryptographically claim ownership over identifiers such that they
> control them and the documents that they refer to."
> 

Is the decentralised registry mandatory to use in our model?

How do public keys fit into this model? If my device creates its own key
pair, and I am the only person in control of the private key, why would
I 'need' to claim ownership of this by registering the public key in the
decentralised register. It 'might' be advantageous to me if I want
everyone to know this key (like a PGP key store is for PGP keys), but it
might also be disadvantageous to me, if I want my keys to obey the same
origin policy, as in the FIDO model.

regards

David

Received on Tuesday, 14 June 2016 07:31:07 UTC