- From: Vigas Deep <vigasdeep@gmail.com>
- Date: Wed, 14 Feb 2024 22:52:02 +0530
- To: Manu Sporny <msporny@digitalbazaar.com>
- Cc: "Joosten, H.J.M. (Rieks)" <rieks.joosten@tno.nl>, Chaals Nevile <charles.nevile@consensys.net>, "public-did-wg@w3.org" <public-did-wg@w3.org>
On Wed, Feb 14, 2024 at 6:35 PM Manu Sporny <msporny@digitalbazaar.com> wrote: > > On Wed, Feb 14, 2024 at 3:04 AM Joosten, H.J.M. (Rieks) > <rieks.joosten@tno.nl> wrote: > > so anyone with access to that storage could change the did doc, unless the particular method itself requires the doc to be signed by a/the controller. I think did:web is vulnerable and there may be others. > > Yes to what Chaal's said, and ... > > Yes, what Rieks said is also true. > > There are multiple efforts to put tighter security around did:web > which end up looking very much like a transaction log on the DID > Document (signed transactions on changes to the DID Document)... which > then, of course, end up looking like a mini-blockchain. > > To more directly answer Vigas' question: There have been DID Methods > for IPFS and Github... none for Google Drive (that I know of), but I > expect the Google Drive DID Documents would end up looking close to > what a did:web DID Document would look like. This is exactly what I needed to hear sir, thank you everyone for responding promptly and clearing my doubts. And, happy to be here. Cheers :) -- Vigas Deep [W] | https://vigasdeep.com
Received on Wednesday, 14 February 2024 17:22:19 UTC