- From: Dave Longley <dlongley@digitalbazaar.com>
- Date: Wed, 15 Jun 2016 10:30:44 -0400
- To: David Chadwick <d.w.chadwick@kent.ac.uk>, public-credentials@w3.org

On 06/15/2016 06:00 AM, David Chadwick wrote:
> [snip]
>
> On 15/06/2016 02:25, Manu Sporny wrote:
>>
>> The point isn't that something is irreparable - yes, most things can be
>> fixed. It just takes an enormous amount of time, energy, money, and stress.
>>
>> ... and we can avoid all of this by using identifiers that are not
>> cryptographic in nature (e.g. DIDs).
>
> But one still has to prove possession of the DID. Sure, it can be shown
> that the DID was created at some point in the past, but what proves that
> it was you who created it, and not some imposter saying that they
> created it?

I think what Manu meant is that a system where an identifier must be a fingerprint of a public key *and* the only way to prove ownership of it is to possess the matching private key is too brittle.

It would be fine, IMO, to originally generate a DID from the fingerprint of a public key, provided that this mechanism was only used to assert ownership when registering the identifier with other pieces of information that could be later used to also assert ownership should you lose the private key or should it become obsolete.

At some point you should be able to essentially treat the DID as opaque and prove ownership through some other mechanism. I think we want *more* than just a public key fingerprint, but using that concept to bootstrap the process is perfectly fine.

--
Dave Longley
CTO
Digital Bazaar, Inc.
http://digitalbazaar.com

Received on Wednesday, 15 June 2016 14:31:15 UTC
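
An added sketch of the bootstrap-then-opaque idea discussed in the message above; it is not code from the thread or from any DID implementation. The `did:example:` syntax, the in-memory `Registry`, the hash-commitment recovery step and the use of Lamport one-time signatures (chosen only to stay within the Python standard library) are all assumptions made for illustration.

```python
import hashlib, hmac, os

def H(b): return hashlib.sha256(b).digest()

# Lamport one-time signatures: stdlib-only stand-in for a real key type.
# Each key pair in this example signs exactly one message.
def keygen():
    sk = [[os.urandom(32) for _ in range(256)] for _ in range(2)]
    return sk, b"".join(H(x) for half in sk for x in half)

def _bits(msg):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[b][i] for i, b in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        hmac.compare_digest(H(s), pk[(b * 256 + i) * 32:(b * 256 + i + 1) * 32])
        for i, (b, s) in enumerate(zip(_bits(msg), sig)))

def did_for(pk):  # hypothetical DID syntax; the fingerprint only bootstraps
    return "did:example:" + H(pk).hex()[:32]

class Registry:  # hypothetical in-memory registry
    def __init__(self):
        self.records = {}
    def register(self, pk, recovery_commitment, sig):
        # Bootstrap: DID is the key fingerprint, proven by a signature that
        # also binds the recovery commitment to the new record.
        did = did_for(pk)
        if did in self.records or not verify(pk, did.encode() + recovery_commitment, sig):
            return None
        self.records[did] = {"key": pk, "recovery": recovery_commitment}
        return did
    def recover(self, did, secret, new_pk, new_commitment):
        # Second ownership mechanism: reveal the committed secret (assumes an
        # authenticated channel), then rotate both key and commitment.
        rec = self.records.get(did)
        if rec is None or not hmac.compare_digest(H(secret), rec["recovery"]):
            return False
        rec["key"], rec["recovery"] = new_pk, new_commitment  # DID unchanged
        return True
    def owns(self, did, challenge, sig):
        rec = self.records.get(did)
        return rec is not None and verify(rec["key"], challenge, sig)

def demo():
    reg, (sk_a, pk_a), secret = Registry(), keygen(), os.urandom(32)
    did = reg.register(pk_a, H(secret), sign(sk_a, did_for(pk_a).encode() + H(secret)))
    sk_b, pk_b = keygen()  # key A is now lost or obsolete
    rotated = reg.recover(did, secret, pk_b, H(os.urandom(32)))
    return did, rotated, reg.owns(did, b"nonce-1", sign(sk_b, b"nonce-1")), did == did_for(pk_b)
```

After recovery the DID no longer equals the fingerprint of the active key, yet ownership is still provable, which is the sense in which the identifier has become opaque.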