Re: [Potential Malicious Mail]Re: Query: Storing DID Documents on Centralized Platforms

On Wed, Feb 14, 2024 at 6:35 PM Manu Sporny <msporny@digitalbazaar.com> wrote:
>
> On Wed, Feb 14, 2024 at 3:04 AM Joosten, H.J.M. (Rieks)
> <rieks.joosten@tno.nl> wrote:
> > so anyone with access to that storage could change the did doc, unless the particular method itself requires the doc to be signed by a/the controller. I think did:web is vulnerable and there may be others.
>
> Yes to what Chaal's said, and ...
>
> Yes, what Rieks said is also true.
>
> There are multiple efforts to put tighter security around did:web
> which end up looking very much like a transaction log on the DID
> Document (signed transactions on changes to the DID Document)... which
> then, of course, end up looking like a mini-blockchain.
>
> To more directly answer Vigas' question: There have been DID Methods
> for IPFS and Github... none for Google Drive (that I know of), but I
> expect the Google Drive DID Documents would end up looking close to
> what a did:web DID Document would look like.

This is exactly what I needed to hear sir, thank you everyone for
responding promptly and clearing my doubts.

And, happy to be here. Cheers :)

-- 
Vigas Deep
[W] | https://vigasdeep.com

Received on Wednesday, 14 February 2024 17:22:19 UTC