- From: Chris Boscolo <chris@boscolo.net>
- Date: Thu, 7 Jun 2018 00:51:00 -0700
- To: Manu Sporny <msporny@digitalbazaar.com>
- Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Received on Thursday, 7 June 2018 07:51:25 UTC
On Wed, Jun 6, 2018 at 5:59 PM, Manu Sporny <msporny@digitalbazaar.com> wrote: > On 06/06/2018 11:30 AM, Chris Boscolo wrote: > >> We should define a DID method name called *"local"*or *"self"*where the >> /specific-idstring/ is a secp256k1 public key. >> > > This method would be: > > 1) susceptible to stolen key attacks and wouldn't allow key rotation, > and > Since you say you support off-chain DIDs, how do you deal with an off-chain DIDs where the owner's key was stolen prior to it being put on-chain? > 2) favor a very specific type of public key, which is a bad > security design practice. > See my follow-on email regarding a pub-key type. -chrisb
Received on Thursday, 7 June 2018 07:51:25 UTC