Re: [EXTERNAL] Re: The DID service endpoint privacy challenge

That's a pretty good summary. One important nuance is that mediators are
one-way. When Alice is receiving messages, a mediator relays them to her.
When she is sending messages, the mediator is not involved. This is
essentially the way email works; you receive email through an MTA that
works for you, but when you send, you reach out to a different MTA that
works for the party you're sending to. Besides being more efficient,
simpler, and more direct, it has privacy benefits to make this distinction.

On Tue, Jun 30, 2020 at 3:51 PM Adrian Gropper <agropper@healthurl.com>
wrote:

> If I understand this correctly:
>
>    - The mediator business is like the VPN business:
>       - chosen by Alice
>       - paid by Alice
>       - makes no decisions on behalf of Alice (doesn't know any of
>       Alice's policies)
>       - frequently erases any logs
>    - If Alice chooses to change her mediator, links will fail for some
>    Requesting Parties (Bob) and they will need to discover Alice's new
>    mediator one way or another
>    - Bob's message to Alice is just Bob's DID and might have no
>    associated service endpoint
>    - The mediator sends Bob's DID to a Service Endpoint in Alice's DID
>    document of type "RqP-DID"
>    - Alice's RqP-DID endpoint decides, based on policy, whether to send a
>    message to Bob, if Bob's DID
>       - If Bob's DID has no service endpoint then Alice may need to use a
>       discovery service to find another DID for Bob
>       - If Bob's DID has a service endpoint, the mediator will see that
>       and both Alice and Bob have to hope Alice has chosen an honest mediator
>    - DID Core best practice suggests that DIDs have only one service
>    endpoint and it points to either a mediator or a policy decision point
>       - Alice can choose to offer multiple service endpoints in a DID but
>       best practice would say that Alice does that only in a peer DID context
>       directly with Bob because Alice trusts Bob not to misuse the unmediated
>       endpoints.
>
> - Adrian
>

Received on Tuesday, 30 June 2020 22:27:28 UTC
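
The service-endpoint practice described in the quoted summary, written as a check Alice could run over her own DID documents. This is an added example, not part of the original thread or of any DID library. The function names, the `approved_hosts` allowlist, the `uri` key inside endpoint maps, and the sample documents are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

def endpoint_uris(value):
    """Flatten a serviceEndpoint value (string, map, or list of either) to URI strings."""
    if isinstance(value, str):
        return [value]
    if isinstance(value, dict):
        # Endpoint maps are application-defined; a "uri" key is assumed here.
        return endpoint_uris(value.get("uri", []))
    if isinstance(value, list):
        return [uri for item in value for uri in endpoint_uris(item)]
    return []

def audit_services(did_doc, approved_hosts):
    """Return (code, detail) findings for one of Alice's DID documents.

    approved_hosts: hosts Alice has designated as her mediator or policy
    decision point (hypothetical allowlist maintained by Alice).
    """
    did = did_doc.get("id", "")
    parts = did.split(":")
    method = parts[1] if len(parts) > 2 and parts[0] == "did" else ""
    pairwise = method == "peer"  # peer DIDs are shared directly with one party
    services = did_doc.get("service", [])
    findings = []
    if not pairwise and len(services) > 1:
        findings.append(("multiple-services", f"{len(services)} service entries in {did}"))
    for svc in services:
        for uri in endpoint_uris(svc.get("serviceEndpoint")):
            host = urlsplit(uri).hostname or ""
            if not pairwise and host not in approved_hosts:
                findings.append(("unmediated-endpoint", f"{svc.get('id')} -> {host}"))
    return findings

# Constructed sample data: identifiers, service types and URLs are made up.
APPROVED = {"mediator.example"}
PUBLIC_DOC = {
    "id": "did:example:alice",
    "service": [
        {"id": "#inbox", "type": "ExampleMessaging",
         "serviceEndpoint": "https://mediator.example/alice"},
        {"id": "#home", "type": "ExampleMessaging",
         "serviceEndpoint": ["https://alice-home.example/inbox"]},
    ],
}
# Same services, but in a peer DID that Alice shares only with Bob.
PEER_DOC = {"id": "did:peer:constructed-for-bob", "service": PUBLIC_DOC["service"]}
```
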