- From: Melvin Carvalho <melvincarvalho@gmail.com>
- Date: Wed, 2 Jan 2019 08:22:53 +0100
- To: Manu Sporny <msporny@digitalbazaar.com>
- Cc: W3C Credentials CG <public-credentials@w3.org>
- Message-ID: <CAKaEYhKU_Dyg2YYp95+jHLiD4Kuob493ZA7zcBb3mijM9VBu8A@mail.gmail.com>
On Tue, 1 Jan 2019 at 19:02, Manu Sporny <msporny@digitalbazaar.com> wrote: > Hi all (bcc: Protocol Labs Research Division), > > The Multihash specification was drafted before/during the last RWoT and > has been released as an IETF Internet-Draft. The specification is > intended to be a joint work product of Protocol Labs (IPFS and > Filecoin), the W3C Digital Verification Community Group, and the W3C > Credentials Community Group... which means we need to decide if we're > adopting it as a Work Item in the CCG. > > So, what problem does Multihash solve and why do we care? > > Our community depends on cryptographic hashes to generate short > fingerprints for files and data. These fingerprints look like this as > binary data: > > 0x0a4ec6f1629e49262d7093e2f82a3278 > > While that may look like gobbledygook to a human reader, it's enough for > a computer to uniquely identify, for example, one picture among all of > the other trillions of pictures on the Web. We use these fingerprints > when working with Verifiable Credentials, DIDs, public keys, and > evidence data (images, PDFs, etc.) that are linked to VCs. > > The problem is that we don't know what sort of cryptographic hash > function generated the hash above, so we need to put an identifier at > the front of that cryptographic hash. That's basically what Multihash > does: it provides a mechanism to identify how cryptographic hashes were > generated. > > This is useful because if we have a cryptographic hash identifier, we > can design upgradability into the systems we're building today. > Cryptographic hashing systems are broken every 10 years or so -- they > have a shelf life and will eventually need to be upgraded. Building this > concept of upgradability into our systems, especially DIDs and VCs, is a > good engineering practice and the Multihash spec enables us to do just > that. It's a fairly short 10 page spec and can be found here: > > https://tools.ietf.org/html/draft-multiformats-multihash-00 > > This email is a request to the Chairs to add this to the next meeting > Agenda for the CCG and adopt it as a work item. > Does not RFC 6920 (Naming things with hashes) already have this property https://datatracker.ietf.org/doc/rfc6920/ And furthermore, has the advantage of a way to dereference the hash using HTTP. Are there any substantial advantages to the multiformats RFC? > > -- manu > > -- > Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) > Founder/CEO - Digital Bazaar, Inc. > blog: Veres One Decentralized Identifier Blockchain Launches > https://tinyurl.com/veres-one-launches > >
Received on Wednesday, 2 January 2019 07:23:28 UTC