W3C home > Mailing lists > Public > public-credentials@w3.org > February 2022

Re: Proposal Work Item | Credential Chaining

From: Mike Prorock <mprorock@mesur.io>
Date: Mon, 31 Jan 2022 23:20:37 -0500
Message-ID: <CAGJKSNS32_C1CLzgKka466acN3_CUk_aXVV8QGuPdD2FcEYkTA@mail.gmail.com>
To: Manu Sporny <msporny@digitalbazaar.com>
Cc: W3C Credentials CG <public-credentials@w3.org>
++1 to Joe as noted by Manu.  The underlying semantic meaning is a pretty
key thing here

Mike Prorock
mesur.io

On Mon, Jan 31, 2022, 22:20 Manu Sporny <msporny@digitalbazaar.com> wrote:

> On 1/31/22 9:48 PM, Joe Andrieu wrote:
> >
> > More than that is a foot-gun machine and should be treated with great
> > care. I appreciate Christopher's list of multi-sig capabilities, but
> > without clear semantics, the crypto, IMO, is just as likely to give a
> > false sense of rigor when the actual intention of the signer is a
> > mismatch with the expectation of the verifier, but, "Hey! the math
> > verifies, so it must be good, right?"
> >
> > It doesn't matter if the math is valid if the meaning is
> > misinterpreted.
> >
> > All of this is an argument in support of a work item that helps
> > standardize these kinds of semantics, especially if simplicity is a
> > core goal.
>
> Huge +1 to this. One of the dangers in this multi-signatures area is
> misinterpretation of what the signatures really mean.
>
> There are many possibilities here that are neat cryptographic tricks
> that are in search of a use case. As Joe states, we need to be very
> careful that the interpretation of these multiple signatures are not
> interpreted to mean something the signers never intended.
>
> -- manu
>
> --
> Manu Sporny
> Founder/CEO - Digital Bazaar, Inc.
> Our Verifiable Credential Deployments
> https://www.digitalbazaar.com/case-studies
>
>
Received on Tuesday, 1 February 2022 04:21:58 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:25:28 UTC