- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Mon, 02 Nov 2015 23:38:53 -0500
- To: Web Payments CG <public-webpayments@w3.org>
On 11/02/2015 08:29 PM, UniDyne wrote:

> Are we talking about signed or unsigned identifiers here?

The identifiers are signed with the key that created them. The identifiers also have an access control list set of keys and other identifiers that are able to update the entry associated with the identifier in the WebDHT.

> It seems like you would need a trusted third party (CA) to verify
> their identity in the first place.

We make a distinction between 'identifier', and 'identity'. The WebDHT is not about 'identity'. It's about 'identifiers'. To prove ownership over an identifier, all you need is a set of public keys associated with the identifier and a challenge. Any entity that has ownership over the identifier proves their ownership by signing the challenge. No CAs necessary (by design).

Identity is where the Identity Credentials spec comes in:

http://opencreds.org/specs/source/identity-credentials/

In this case, you can have other entities vouch for your identity through various means provided in the Identity Credentials spec above.

> If someone loses their key (or it is compromised), they would need
> to revoke the old key and vouch for the replacement.

Yes, and the previous email to the group goes into a bit of detail about how this happens in the WebDHT.

-- manu

--
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)

Founder/CEO - Digital Bazaar, Inc.

blog: Web Payments: The Architect, the Sage, and the Moral Voice

https://manu.sporny.org/2015/payments-collaboration/
Received on Tuesday, 3 November 2015 04:39:20 UTC
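The challenge-signing proof of identifier ownership described in the message above, sketched as an added example; it is not part of the original email or of any WebDHT code. The `Entry` type, the Ed25519 signature scheme, the identifier string and the way the identifier is bound to the challenge are all assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Entry is a hypothetical stand-in for a WebDHT record: an identifier and its authorized keys.
type Entry struct {
	ID   string
	Keys []ed25519.PublicKey
}

// NewChallenge returns a fresh random nonce, so an old signature cannot be replayed.
func NewChallenge() []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	return c
}

// payload binds the challenge to one identifier before it is signed.
func payload(id string, challenge []byte) []byte {
	return append([]byte(id+"\x00"), challenge...)
}

// Respond is the owner's side: sign the challenge for the claimed identifier.
func Respond(priv ed25519.PrivateKey, id string, challenge []byte) []byte {
	return ed25519.Sign(priv, payload(id, challenge))
}

// ProvesOwnership is the verifier's side: accept if any listed key verifies.
func ProvesOwnership(e Entry, challenge, sig []byte) bool {
	for _, k := range e.Keys {
		if ed25519.Verify(k, payload(e.ID, challenge), sig) {
			return true
		}
	}
	return false
}

func main() {
	priv := ed25519.NewKeyFromSeed(NewChallenge()) // constructed demo key from a random seed
	pub := priv.Public().(ed25519.PublicKey)
	e := Entry{ID: "constructed-identifier-1", Keys: []ed25519.PublicKey{pub}}
	c := NewChallenge()
	fmt.Println("owner accepted:", ProvesOwnership(e, c, Respond(priv, e.ID, c)))
}
```

Revoking a lost or compromised key amounts to removing it from the entry's key set, after which signatures made with it no longer pass the check.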