- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Sun, 13 Jun 2021 22:31:30 -0400
- To: semantic-web@w3.org
Dan Brickley wrote: > Signing the surface form does at least make clear exactly what was > the human-facing content being signed No, it wouldn't. There is always plausible deniability: I was tricked into signing that. That's not what I remember being on my screen when I clicked the button? There was a virus on my computer that clicked the button. My roommate stole my phone and did it. Everyone should be very careful about thinking this technology provides any sort of guarantee that it was clear what an individual signed and when they did it. This is why they have witnesses and notaries -- yes, this technology can be used to do that too, but the thing that makes it clear what the "human-facing content" is can rarely be trusted to be attested by one person or one system. This is an example of scope expansion that we don't want to get anywhere near. We are not creating trusted UIs or mechanisms for trusting that someone signed some sort of human-facing content. That's out of scope, happens higher up the stack, and requires more involved security protocols that the LD Signature WG shouldn't be getting anywhere near. -- manu -- Manu Sporny (skype: msporny, twitter: manusporny) Founder/CEO - Digital Bazaar, Inc. blog: Veres One Decentralized Identifier Blockchain Launches https://tinyurl.com/veres-one-launches
Received on Monday, 14 June 2021 02:31:58 UTC