W3C home > Mailing lists > Public > public-interledger@w3.org > October 2015

Identity and the need for security

From: Adrian Hope-Bailie <adrian@hopebailie.com>
Date: Mon, 26 Oct 2015 17:45:09 +0200
Message-ID: <CA+eFz_KR5c4CNK7DiiqaJ15UBm5tvKQFmQJ28JfZ8ra8HjOVmA@mail.gmail.com>
To: Interledger Community Group <public-interledger@w3.org>
Last Arie question:

In the case of Identity being critical, would there not be a strong case
for Security?

   - dynamic keys?
      - 3FFA?

By this I assume the question is about transactions where the parties must
be known due to regulations (KYC/AML)?

I wouldn't conflate security and identity. A system like ILP will require
that all messaging is done very securely with guarantees of authenticity a
given. What this ends up being specifically is yet to be decided I think.

Is a secure transport like TLS and signed messages using a unique keypair
for each entity enough. Do the keys need to be part of a chain that is
rooted at some specific entity (perhaps for regulatory reasons)?

Lots of models and architectures to consider.

What will be required is establishing some standards for how identity data
will be conveyed and here we should probably look at how this is already
done in message standards like ISO 20022 rather than re-invent the data
Received on Monday, 26 October 2015 15:45:38 UTC

This archive was generated by hypermail 2.3.1 : Monday, 26 October 2015 15:45:38 UTC