- From: Steven Rowat <steven_rowat@sunshine.net>
- Date: Fri, 26 Apr 2019 15:39:50 -0700
- To: daniel.hardman@evernym.com
- Cc: W3C Credentials CG <public-credentials@w3.org>
On 2019-04-26 3:18 pm, Daniel Hardman wrote: > Regarding #2, I wonder about introducing the notion that DID methods > must support an independent audit capability that updates the DID > Trust Context of the audited method. This might give captive and > surveillance-oriented ecosystems pause, because the audit could be > structured in such a way that all dirty laundry gets aired. This seems attractive in theory; except if I understand the proposal correctly doesn't it lead to the question "who performs the independent audit"? Isn't it turtles all the way down? --someone independent is then needed to audit the auditor, etc. ? Unless what you mean by 'independent audit capability' is an algorithm; one that analyses the degree to which the Trust Context is satisfied by the method, and that algorithm is set up as part of the specification itself? Perhaps that could work, but it might be difficult to technically set up (in my non-expert opinion; maybe that's not true), and also hard to get consensus on. But maybe not impossible? Steven
Received on Friday, 26 April 2019 22:39:29 UTC