- From: Markus Sabadello <markus@danubetech.com>
- Date: Thu, 7 Jun 2018 08:45:28 +0200
- To: public-credentials@w3.org
There's an open PR with a long thread about exactly this topic: "Allow DID methods without Update and Delete" https://github.com/w3c-ccg/did-spec/pull/55 uPort implementation: https://github.com/uport-project/secp256k1-did-resolver My opinion is that keys-as-identifiers that cannot be rotated could be useful in some situations, but maybe then they shouldn't be called "DIDs". Markus On 06/07/2018 02:59 AM, Manu Sporny wrote: > On 06/06/2018 11:30 AM, Chris Boscolo wrote: >> We should define a DID method name called *"local"*or *"self"*where >> the /specific-idstring/ is a secp256k1 public key. > > This method would be: > > 1) susceptible to stolen key attacks and wouldn't allow key rotation, > and > 2) favor a very specific type of public key, which is a bad > security design practice. > > We've explored this a bit in the past. You can address these > shortcomings by just making this mechanism a part of the DID method. You > can have public-keys-as-DIDs, but you also MUST enable the DID Document > to be updated to deal w/ stolen key attacks. > >> This way, individuals can useDIDsthat are TRULY self-sovereign, >> albeit limited, to just the public key lookup without any way to >> update it. > > Again, this is very dangerous and I suggest that no one expose their > constituency to this sort of attack. > >> I know that several DID implementors (uPort/lifeID) are already >> supporting a way to have DIDs start their life off-chain which was a >> seed thought for this idea. > > Veres One and Sovrin have this feature as well... start off-chain and > enable a migration to on-chain (in the event that you want to prevent > the stolen key attack). > > I suggest we leave this as a DID Method feature. > > -- manu
Received on Thursday, 7 June 2018 06:46:33 UTC