- From: Jordan, John CITZ:EX <John.Jordan@gov.bc.ca>
- Date: Wed, 13 Jun 2018 02:10:46 +0000
- To: David Booth <david@dbooth.org>
- CC: "public-credentials@w3.org" <public-credentials@w3.org>
Fair enough. No system is perfect for sure. However we can employ a variety of techniques to mitigate these risks. We don’t have to rely on a single credential in the digital realm. We can have others. We can expire credentials. We can revoke them. All these actions are more immediate and close down the gaps in Time and space which currently provide opportunity for some undesirable things to happen and are often the source of friction from a service perspective. > On Jun 12, 2018, at 14:29, David Booth <david@dbooth.org> wrote: > > On 06/12/2018 04:44 PM, Jordan, John CITZ:EX wrote:> . . . > > it is a lot easier to forge a document than it is to forge > > a verifiable credential that makes use of the kinds of > > cryptographic technique enabled by DIDs and the fancy math! > > SIDE NOTE: I think it would be wise to maintain a healthy skepticism > about this claim. > > Although the fancy math and crypto may be very good indeed, a huge weakness that digital mechanisms always have is that, once any tiny vulnerability is found, that vulnerability can be silently and relentlessly attacked with massive automated computing power . . . rendering that tiny vulnerability not so tiny after all. > > David Booth > >
Received on Wednesday, 13 June 2018 02:11:14 UTC