Comments (7)
My understanding was that there is (is going to be?) a “KERI-way” event to indicate that DID associated to the did:webs location. My understanding was also that there would be a further way a way to say “Here is the new did:webs DID for this AID” that could be used to add an “AlsoKnownAs” entry into the DID for an old web location to be used in case of redirections, the merges of organizations, etc. — any situation where the controller wants to indicate the have deliberately moved the document.
Yes you are correct, the method that @pfeairheller proposed and that we have discussed would be to anchor on a TEL which is anchored to the KEL of the original AID an attestation of what domain names are allowed as AKAs for that did:webs AID. This would be secure. Simply including an unanchored or otherwise unprotected AKA in a didDoc for some did:webs did does not protect one from a spoofing attack. When given a protected verifiable attestation as suggested, a trusted did:webs resolver can securely populate the AKA section of the didDoc with the other domain names or equivalently the other did:webs dids that all share the same AID but have different domains.
This attestation could be included in the keri.cesr file because CESR supports streaming of such attestations (as ACDCs) even when interleaved with key events and their attachments. Technically the attestation would be a type of ACDC with a schema that defines it as an attestation of AKAs for the did:webs dids allowed by the issuing aid.
The resolver just has to search for schema SAIDs that match the defined SAID for such attestations.
This could be extended to any type of data that we want to include in a did:webs didDoc that we want to have the security property of being anchored to key state. All the resolver has to know is the schema SAIDS of any attestations it is responsible for extracting from the keri.cesr file and then when it processes the keri.cesr file it can match and extract the associated attestations and populate the associated fields or blocks in the did:doc with highest class security according to the KERI way.
from tswg-did-method-webs-specification.
From our meeting today:
- The domain is helpful for discovery but there is no guarantee that the controller has control of the domain it is hosted on for instance the did document on github.
- The controller only controls the unique (KERI AID) identifier
- If some one asserts a relationship between your AID and a domain (hosting a did:webs with your AID on their domain), it would be nice to be able to anchor what relationships you 'approve' (the domains you have chosen to host it).
- Related issue is your transition from domains over time (my university merged with another, the did:webs on both domains are equivalent)
- We recognize that domain names are not persistent
from tswg-did-method-webs-specification.
Very useful @SmithSamuelM ! Thank you for tying the security characteristics concepts (Out-of-band associations, Anchoring, BADA-RUN, bare signatures) together based on our meeting discussion today regarding spoofed AIDs. I especially appreciate that you enumerated the options, so that I could compare the pros/cons of each solution!
from tswg-did-method-webs-specification.
My understanding was that there is (is going to be?) a “KERI-way” event to indicate that DID associated to the did:webs location. My understanding was also that there would be a further way a way to say “Here is the new did:webs DID for this AID” that could be used to add an “AlsoKnownAs” entry into the DID for an old web location to be used in case of redirections, the merges of organizations, etc. — any situation where the controller wants to indicate the have deliberately moved the document.
from tswg-did-method-webs-specification.
anchor on a TEL which is anchored to the KEL of the original AID an attestation of what domain names are allowed as AKAs
I know I missed the meeting today, but somehow I still don't get what's the spoofing attack described here or in #28.
If I create an AID 12345
that I control, and even if I manage to break into Coca Cola's servers and upload my did.json
and keri.cesr
such that did:webs:coca-cola.com:12345
(my AID on Coca Cola's servers) becomes resolvable and verifiable, so what?
-
Is the problem that people will look at the human-readable part of the DID and think that it's really Coca Cola --> Well if you rely on something like that, then you haven't really understood what DIDs are anyway. Especially if you have a bit of a KERI background, you should understand that the domain name is only for discovery and doesn't mean anything.
-
Is the problem that my
did.json
andkeri.cesr
will get deleted from the Coca Cola servers and I have to move my AID elsewhere? --> Well the assumption of KERI (and DIDs) is that the web is broken anyway and that this always happens eventually, so we need to deal with it in any case.
from tswg-did-method-webs-specification.
We will discuss this and related issues at today's meeting
from tswg-did-method-webs-specification.
The other issues/PRs related to equivalentId, alsoKnownAs, redirection using the designated aliases feature provides a strong additional layer of protection against spoofing,etc. Great conversation!
from tswg-did-method-webs-specification.
Related Issues (20)
- Reorder section 7 to emphasize the DID Method Operations and add Create/Update details HOT 5
- Security Characteristics are difficult to relate to did:webs HOT 2
- ABNF definition of method in section 6.2 not a full ABNF specification HOT 1
- Terminology needs to be aligned and KERI only question (related) HOT 10
- International and Unicode domain names
- Too much informative text; normative requirements not clear enough HOT 2
- Glossary Terms - ToIP & did:webs alignment HOT 3
- KERI Version strings all legacy in example jsons
- State document conventions regarding normative statements, informative statements, etc.
- Request to add did:webs to the DID method registry HOT 1
- Align blog post with Muggles session HOT 1
- attribute more contributors or editors HOT 2
- Direct mode AIDs are not the simplest, are they? HOT 1
- Discuss spec versioning and did document verification
- Cleanup defs and/or terminology.md HOT 4
- Remove the “Transformations” section, or at least the “did:peer” part of it HOT 2
- Full Example section paragraph is difficult for a newbie to parse and match with JSON HOT 2
- Can we shift or somehow de-emphasize the terminology section? HOT 4
- why must FQDN not include IP addresses? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tswg-did-method-webs-specification.