Re: [Potential Malicious Mail]Re: Query: Storing DID Documents on Centralized Platforms

On Wed, Feb 14, 2024 at 3:04 AM Joosten, H.J.M. (Rieks)
<rieks.joosten@tno.nl> wrote:
> so anyone with access to that storage could change the did doc, unless the particular method itself requires the doc to be signed by a/the controller. I think did:web is vulnerable and there may be others.

Yes to what Chaal's said, and ...

Yes, what Rieks said is also true.

There are multiple efforts to put tighter security around did:web
which end up looking very much like a transaction log on the DID
Document (signed transactions on changes to the DID Document)... which
then, of course, end up looking like a mini-blockchain.

To more directly answer Vigas' question: There have been DID Methods
for IPFS and Github... none for Google Drive (that I know of), but I
expect the Google Drive DID Documents would end up looking close to
what a did:web DID Document would look like.

-- manu

-- 
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
https://www.digitalbazaar.com/

Received on Wednesday, 14 February 2024 13:05:43 UTC