W3C home > Mailing lists > Public > public-credentials@w3.org > February 2022

Re: Proposal Work Item | Credential Chaining

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Mon, 31 Jan 2022 22:20:14 -0500
To: public-credentials@w3.org
Message-ID: <e9bd4a35-3737-0d41-7ca9-7fa2539f8530@digitalbazaar.com>
On 1/31/22 9:48 PM, Joe Andrieu wrote:
> 
> More than that is a foot-gun machine and should be treated with great
> care. I appreciate Christopher's list of multi-sig capabilities, but
> without clear semantics, the crypto, IMO, is just as likely to give a
> false sense of rigor when the actual intention of the signer is a
> mismatch with the expectation of the verifier, but, "Hey! the math
> verifies, so it must be good, right?"
> 
> It doesn't matter if the math is valid if the meaning is 
> misinterpreted.
> 
> All of this is an argument in support of a work item that helps 
> standardize these kinds of semantics, especially if simplicity is a 
> core goal.

Huge +1 to this. One of the dangers in this multi-signatures area is
misinterpretation of what the signatures really mean.

There are many possibilities here that are neat cryptographic tricks
that are in search of a use case. As Joe states, we need to be very
careful that the interpretation of these multiple signatures are not
interpreted to mean something the signers never intended.

-- manu

-- 
Manu Sporny
Founder/CEO - Digital Bazaar, Inc.
Our Verifiable Credential Deployments
https://www.digitalbazaar.com/case-studies
Received on Tuesday, 1 February 2022 03:20:30 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:25:28 UTC