Are we talking about signed or unsigned identifiers here? It seems like you would need a trusted third party (CA) to verify their identity in the first place. If someone loses their key (or it is compromised), they would need to revoke the old key and vouch for the replacement. On Mon, Nov 2, 2015 at 6:16 PM, Randall Leeds <randall.leeds@gmail.com> wrote: > You no one other than you finds that private key before the expiration > date. :) > > On Mon, Nov 2, 2015 at 3:08 PM David Nicol <davidnicol@gmail.com> wrote: > >> you don't do that. >> >> On Mon, Nov 2, 2015 at 4:44 PM, Manu Sporny <msporny@digitalbazaar.com> >> wrote: >> > On 11/02/2015 05:25 PM, David Nicol wrote: >> >> I'm of the opinion that a hash of a public key makes a fine DHT >> >> handle for an identity that can be validated by demonstration of >> >> access to the matching private key. >> > >> > What happens when you lose the private key associated with matching >> > public key? >> > >> > -- manu >> > >> > -- >> > Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny) >> > Founder/CEO - Digital Bazaar, Inc. >> > blog: Web Payments: The Architect, the Sage, and the Moral Voice >> > https://manu.sporny.org/2015/payments-collaboration/ >> >> >> >> -- >> "If I can quote Alice Walker, 'The biggest way people give up power is >> by not knowing they have it to start with.' " -- Jill Stein, the most >> successful female candidate for POTUS to date >> >>
Received on Tuesday, 3 November 2015 01:30:32 UTC