- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Wed, 14 Feb 2024 08:04:59 -0500
- To: "Joosten, H.J.M. (Rieks)" <rieks.joosten@tno.nl>
- Cc: Chaals Nevile <charles.nevile@consensys.net>, Vigas Deep <vigasdeep@gmail.com>, "public-did-wg@w3.org" <public-did-wg@w3.org>
On Wed, Feb 14, 2024 at 3:04 AM Joosten, H.J.M. (Rieks) <rieks.joosten@tno.nl> wrote: > so anyone with access to that storage could change the did doc, unless the particular method itself requires the doc to be signed by a/the controller. I think did:web is vulnerable and there may be others. Yes to what Chaal's said, and ... Yes, what Rieks said is also true. There are multiple efforts to put tighter security around did:web which end up looking very much like a transaction log on the DID Document (signed transactions on changes to the DID Document)... which then, of course, end up looking like a mini-blockchain. To more directly answer Vigas' question: There have been DID Methods for IPFS and Github... none for Google Drive (that I know of), but I expect the Google Drive DID Documents would end up looking close to what a did:web DID Document would look like. -- manu -- Manu Sporny - https://www.linkedin.com/in/manusporny/ Founder/CEO - Digital Bazaar, Inc. https://www.digitalbazaar.com/
Received on Wednesday, 14 February 2024 13:05:43 UTC