
Re: Proof of possession

From: David Chadwick <d.w.chadwick@kent.ac.uk>
Date: Wed, 15 Jun 2016 16:30:14 +0100
To: Dave Longley <dlongley@digitalbazaar.com>, public-credentials@w3.org
Message-ID: <3da3d30e-7bb6-2a05-6fab-b37912b37dea@kent.ac.uk>

On 15/06/2016 15:30, Dave Longley wrote:
> On 06/15/2016 06:00 AM, David Chadwick wrote:
>> [snip]
>> On 15/06/2016 02:25, Manu Sporny wrote:
>>> The point isn't that something is irreparable - yes, most things can be
>>> fixed. It just takes an enormous amount of time, energy, money, and
>>> stress.
>>> ... and we can avoid all of this by using identifiers that are not
>>> cryptographic in nature (e.g. DIDs).
>> But one still has to prove possession of the DID. Sure, it can be shown
>> that the DID was created at some point in the past, but what proves that
>> it was you who created it, and not some imposter saying that they
>> created it?
> I think what Manu meant is that a system where an identifier must be a
> fingerprint of a public key *and* the only way to prove
> ownership of it is to possess the matching private key is too brittle.

I think we are all agreed on that. After all, how do you prove that the
original public key belongs to the physical you? There has to be a
registration procedure. And a recovery procedure after losing your
private key will be very similar to it.

> It would be fine, IMO, to originally generate a DID from the fingerprint
> of a public key, provided that this mechanism was only used to assert
> ownership when registering the identifier with other pieces of
> information that could be later used to also assert ownership should you
> lose the private key or should it become obsolete.

Exactly. This is also done today to recover lost passwords, is it not?

> At some point you should be able to essentially treat the DID as opaque
> and prove ownership through some other mechanism.

Then we are in agreement about this.

> I think we want *more* than just a public key fingerprint, but using
> that concept to bootstrap the process is perfectly fine.

My point is that some other random DID that is secured with a public key
is no better as an ID than the public key (fingerprint) itself.


Received on Wednesday, 15 June 2016 15:30:46 UTC
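
The bootstrap-then-opaque approach discussed in this message, as an added example that is not part of the original e-mail or of any DID specification: the identifier starts as a public key fingerprint, then stays fixed while the key behind it is replaced through a separately registered recovery secret. The `did:example:` prefix, the `Registry` class and the hashed recovery secret are assumptions made for illustration; signatures use Node.js's built-in Ed25519 support.

```javascript
// Added illustration (not from the thread); DID prefix, Registry and recovery secret are assumptions.
const crypto = require("node:crypto");

const sha256hex = (buf) => crypto.createHash("sha256").update(buf).digest("hex");
const fingerprint = (pub) => sha256hex(pub.export({ type: "spki", format: "der" }));

class Registry {
  constructor() { this.records = new Map(); }

  // Bootstrap: DID = fingerprint of the first key; sig proves possession of it.
  register(pub, commitment, sig) {
    const did = "did:example:" + fingerprint(pub);
    if (this.records.has(did) || !crypto.verify(null, Buffer.from(commitment), pub, sig))
      throw new Error("registration refused");
    this.records.set(did, { key: pub, commitment });
    return did;
  }

  // Routine proof of possession against whichever key the record lists now.
  prove(did, challenge, sig) {
    const rec = this.records.get(did);
    return !!rec && crypto.verify(null, challenge, rec.key, sig);
  }

  // Recovery: ownership is asserted with the registered secret, not a key.
  // The revealed secret is retired by installing a fresh commitment.
  recover(did, secret, newPub, newCommitment) {
    const rec = this.records.get(did);
    const given = Buffer.from(sha256hex(secret), "hex");
    const want = Buffer.from(rec ? rec.commitment : "", "hex");
    if (given.length !== want.length || !crypto.timingSafeEqual(given, want)) return false;
    Object.assign(rec, { key: newPub, commitment: newCommitment });
    return true;
  }
}

function demo() {
  const reg = new Registry(), challenge = crypto.randomBytes(16);
  const k1 = crypto.generateKeyPairSync("ed25519"), k2 = crypto.generateKeyPairSync("ed25519");
  const secret = crypto.randomBytes(32), commit = sha256hex(secret);
  const did = reg.register(k1.publicKey, commit, crypto.sign(null, Buffer.from(commit), k1.privateKey));
  const signWith = (k) => crypto.sign(null, challenge, k.privateKey);
  const before = reg.prove(did, challenge, signWith(k1));
  const recovered = reg.recover(did, secret, k2.publicKey, sha256hex(crypto.randomBytes(32)));
  return { before, recovered, oldKey: reg.prove(did, challenge, signWith(k1)),
    newKey: reg.prove(did, challenge, signWith(k2)),
    didMatchesNewKey: did === "did:example:" + fingerprint(k2.publicKey),
    replay: reg.recover(did, secret, k1.publicKey, commit) };
}
```

After recovery the identifier no longer equals the fingerprint of the key that controls it, so a verifier has to resolve the record rather than recompute a hash; the strength of the identifier then rests on how well the recovery path is protected.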
