- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Mon, 26 Jul 2021 10:09:33 -0400
- To: jonn@doma.dev, Ted Thibodeau Jr <tthibodeau@openlinksw.com>
- Cc: Wayne Chang <wyc@fastmail.fm>, W3C DID Working Group <public-did-wg@w3.org>, W3C Verifiable Credentials Working Group <public-vc-wg@w3.org>
On 7/26/21 6:03 AM, jonn@doma.dev wrote: > Not to undervalue legitimate security audits and threat modeling Jonn, strongly agree with your position. I will also note that we are in the process of setting up a deeper and more long-term relationship with the IETF Security Area Directorate and the Internet Research Task Force's Cryptography Forum Research Group to go beyond the typical due diligence that is performed on W3C standards from a security audit and threat modelling perspective: https://mailarchive.ietf.org/arch/msg/secdir/ijoxNV3tjqYw1WOKI7T5O0JYts0/ We can always do better and while attacks like Harry's are unpleasant, we are trying to extract something good out of it by continuing to improve the sort of due diligence that has gone into these technologies. Onward, :) -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. News: Digital Bazaar Announces New Case Studies (2021) https://www.digitalbazaar.com/
Received on Monday, 26 July 2021 14:09:52 UTC