- From: Dmitri Zagidulin <dzagidulin@gmail.com>
- Date: Sat, 2 Jan 2021 20:41:23 -0500
- To: Adrian Gropper <agropper@healthurl.com>
- Cc: W3C DID Working Group <public-did-wg@w3.org>
Received on Sunday, 3 January 2021 01:41:55 UTC
Hi Adrian, It's a tough question (because the term 'Zero Trust' is kind of vague and undefined, or at least differently defined across projects). But aside from that - no. Confidential Storage is pretty much the opposite of "zero trust" (which is why, if you recall, 'Zero Trust' was intentionally excluded from the list of valid names, when we were renaming the spec). We recognize that encryption is not enough, and we require trusted servers to enforce authorizations. So, I'm sure there's a time and place for "zero trust architecture", it's just that it's completely out of scope for this group. On Sat, Jan 2, 2021 at 6:35 PM Adrian Gropper <agropper@healthurl.com> wrote: > Please read > https://www.nytimes.com/2021/01/02/us/politics/russian-hacking-government.html > > What would be a good way for our SSI communities to advance zero trust > architecture through more effective accountability and audit? > > Adrian >
Received on Sunday, 3 January 2021 01:41:55 UTC