- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Wed, 6 Jun 2018 20:59:15 -0400
- To: public-credentials@w3.org
On 06/06/2018 11:30 AM, Chris Boscolo wrote:
> We should define a DID method name called *"local"*or *"self"*where
> the /specific-idstring/ is a secp256k1 public key.
This method would be:
1) susceptible to stolen key attacks and wouldn't allow key rotation,
and
2) favor a very specific type of public key, which is a bad
security design practice.
We've explored this a bit in the past. You can address these
shortcomings by just making this mechanism a part of the DID method. You
can have public-keys-as-DIDs, but you also MUST enable the DID Document
to be updated to deal w/ stolen key attacks.
> This way, individuals can useDIDsthat are TRULY self-sovereign,
> albeit limited, to just the public key lookup without any way to
> update it.
Again, this is very dangerous and I suggest that no one expose their
constituency to this sort of attack.
> I know that several DID implementors (uPort/lifeID) are already
> supporting a way to have DIDs start their life off-chain which was a
> seed thought for this idea.
Veres One and Sovrin have this feature as well... start off-chain and
enable a migration to on-chain (in the event that you want to prevent
the stolen key attack).
I suggest we leave this as a DID Method feature.
-- manu
--
Manu Sporny (skype: msporny, twitter: manusporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches
Received on Thursday, 7 June 2018 00:59:43 UTC