- From: Aaron Goldman <goldmanaaron@gmail.com>
- Date: Fri, 13 Dec 2024 09:33:33 -0800
- To: public-did-wg@w3.org
- Message-ID: <CAE6sXqhpY5jiHtNp99R_20-fHRAnXvsXMbnVrd=1sJ=24+xW_Q@mail.gmail.com>
I wonder if it would be better to have standard guidance for did:key extractors. There are many kinds of certs (Certificate Chains, GPG keys, Libp2p adresses, wallet address, nostr npub1 public keys). There are many many specs that bottom out as a public key in a key format supported by did:key X25519 Secp256k1 BLS 12381 P-256 P-384 P-521 RSA If we have guidance on how tools that use these specs to output a did:key and the did doc from that key. maybe even using signed-ietf-json-patch to add any fields that are unique to that use case https://github.com/decentralized-identity/did-spec-extensions/blob/main/parameters/signed-ietf-json-patch.md *did:key:123?signedIetfJsonPatch=head.body.sig* On Fri, Dec 13, 2024 at 8:06 AM Markus Sabadello <markus@danubetech.com> wrote: > Not sure about potential adoption. > > From a technical perspective it would certainly be interesting to > define such a PGP-based DID method, to illustrate how DIDs can really > serve as an abstraction layer for pretty much any key-based identifier > system. > > Markus > > On 12/13/24 11:53 PM, Filip Kolarik wrote: > > Thank you for the feedback. GPG keys are widely used, for example, by > > GitHub users to obtain verified badges (alongside SSH keys), for > > signing artifacts published on Maven Central, and Ubuntu has a > > built-in key manager connected to key servers. These are just a few > > examples, and I’m sure there are many more. > > > > Focusing on a smaller group (perhaps in the lower hundreds of > > thousands?) at this stage of adoption could be far more beneficial for > > the community than attempting to find a use case targeting millions of > > non-technical users who may not fully grasp the purpose or value. By > > expanding the current community of developers, we could help create > > broader awareness and adoption over time. > > > > Best > > Filip > > > > On Fri, Dec 13, 2024 at 2:49 PM Manu Sporny <msporny@digitalbazaar.com> > wrote: > >> On Thu, Dec 12, 2024 at 9:00 PM Filip Kolarik <filip26@gmail.com> > wrote: > >>> I’d appreciate any thoughts or feedback on this idea, as well as > >>> insight into whether there is interest or alignment with the goals of > >>> this group. > >> There was a previous attempt at a did:pgp, but I don't think it really > >> went anywhere. I think the general thinking has been: "Yes, but how > >> many people have an active PGP key... and would they be interested in > >> converting that to a DID?" -- and the answer seems to be: "Not many" > >> and "Probably not". > >> > >> I think a more likely bootstrap would be SSH keys, because developers > >> need to use them, but again, the developer population is really small > >> compared to the user population. If we look at the largest deployment > >> of DIDs to date, BlueSky, I expect that next to none of those 25M+ > >> people know they're even using a DID (which is where we need to be). > >> > >> Just some thoughts... not saying not to do a did:pgp, just noting > >> we've had some discussions in the past and it didn't seem to go > >> anywhere the first time around. > >> > >> -- manu > >> > >> -- > >> Manu Sporny - https://www.linkedin.com/in/manusporny/ > >> Founder/CEO - Digital Bazaar, Inc. > >> https://www.digitalbazaar.com/ > >
Received on Friday, 13 December 2024 17:33:50 UTC