Comments (3)
did:ion doesn't put their pre-rotated keys (they call them "update commitment" and "recovery commitment") into the DID document.
Basically, if keys are only meant to be used for controlling the DID itself, then they shouldn't be in the DID document. If OTOH keys are expected to be used by applications or services that use DIDs (e.g. for signing W3C VCs), then they should be in the DID document.
It would theoretically be possible to add pre-rotated key commitments into the DID document as verification methods. This would make sense e.g. if you expect those pre-rotated keys to be used before they are revealed. For example, you could issue a W3C VC, signed by your pre-rotated keys, and they then become verifiable only after the pre-rotated keys are revealed.
This is what the work on EcdsaSecp256k1RecoveryMethod2020 / blockchainAccountId / ES256K-R was about, for example in Ethereum-based DID methods. In these methods, you have an Ethereum address (which is similar to the concept of a pre-rotated key) in the DID document, and people used their not-yet-revealed Ethereum keys for signing VCs:
https://w3c.github.io/did-spec-registries/#blockchainaccountid
from tswg-did-method-webs-specification.
I think this is a different verification relationship. @peacekeeper pointed out to me that pre-rotation is modeled in did:ion (albeit with some minor differences). It would be interesting to see whether they put it in the did doc.
from tswg-did-method-webs-specification.
Okay, if did:ion didn't put this kind of material in the did doc, I'm content for us to leave it out, too.
from tswg-did-method-webs-specification.
Related Issues (20)
- Reorder section 7 to emphasize the DID Method Operations and add Create/Update details HOT 5
- Security Characteristics are difficult to relate to did:webs HOT 2
- ABNF definition of method in section 6.2 not a full ABNF specification HOT 1
- Terminology needs to be aligned and KERI only question (related) HOT 10
- International and Unicode domain names
- Too much informative text; normative requirements not clear enough HOT 2
- Glossary Terms - ToIP & did:webs alignment HOT 3
- KERI Version strings all legacy in example jsons
- State document conventions regarding normative statements, informative statements, etc.
- Request to add did:webs to the DID method registry HOT 1
- Align blog post with Muggles session HOT 1
- attribute more contributors or editors HOT 2
- Direct mode AIDs are not the simplest, are they? HOT 1
- Discuss spec versioning and did document verification
- Spoofing did:webs didDocs HOT 7
- Cleanup defs and/or terminology.md HOT 4
- Remove the “Transformations” section, or at least the “did:peer” part of it HOT 2
- Full Example section paragraph is difficult for a newbie to parse and match with JSON HOT 2
- Can we shift or somehow de-emphasize the terminology section? HOT 4
- why must FQDN not include IP addresses? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tswg-did-method-webs-specification.