Re: [EXT] did:webs vs did:tdw from Daniel Hardman on 2024-06-24 (public-did-wg@w3.org from June 2024)

From: Daniel Hardman <daniel.hardman@gmail.com>
Date: Mon, 24 Jun 2024 21:11:04 +0200
To: "John, Anil" <anil.john@hq.dhs.gov>
Cc: W3C DID Working Group <public-did-wg@w3.org>
Message-ID: <CACU_ch=w8P0UEzLasDa1+vds+ddj=89tH5bad_eJ1C_regX=EA@mail.gmail.com>

>
>
>    1. Is there functionality that could be integrated into did:web
>    itself? It plays well with the existing did:web, so could the DID log file
>    functionality that is provided by did:tdw be an optional aspect of did:web?
>    (An implementer could then profile that to be a requirement if they so
>    choose?)
>
>
IMO, an important objective in all of our stacks ought to be to allow users
(or the software they trust to keep them safe) to reason with confidence
about the security properties of an interaction that depends on DIDs. If we
give optional security properties to a DID method, then it becomes
impossible to reason about the security properties of an interaction just
based on the DID method; you actually need to know the configuration
properties of a specific DID. I believe this is a bad idea. Let security
properties be characteristic of a method, not of an individual DID.

Received on Monday, 24 June 2024 19:11:21 UTC