Add Use Cases and Requirements #103
Conversation
msporny
requested review from
npdoty,
dlongley,
jandrieu,
longpd,
iherman,
dmitrizagidulin,
mccown,
David-Chadwick,
decentralgabe,
selfissued,
KDean-Dolphin and
brentzundel
| public cryptographic keys. The [=controller document=] contains [=verification | ||
| relationships=] that explicitly permit the use of certain [=verification | ||
| methods=] for specific purposes. | ||
| relationships between an identifier that is controlled by a [=controller=] and a |
There was a problem hiding this comment.
Two comments
- All the use case seem to be (mostly) around identifiers, making it more explicit by the reference to the DID use cases. It does not really justify the usage in VCs. I believe such use case would be important with, if possible, a reference to the VC use cases as well
- We have a bunch of terms defined for referencing crypto keys, must notably Multikeys and JSONWebKeys. Something in the use cases should justify the creation of those here.
index.html
Outdated
| Digital signatures, based on | ||
| <a href="https://en.wikipedia.org/wiki/Public-key_cryptography">asymmetric | ||
| cryptography</a>, can be used in [=authentication=] and [=authorization=] | ||
| schemes to make them difficult for adversaries to compromise. However, | ||
| one shortcoming of digital signatures is the challenge in disseminating | ||
| necessary information, such as public cryptographic keys, to those who need | ||
| to verify the security of a digital signature. |
| schemes to make them difficult for adversaries to compromise. However, | ||
| one shortcoming of digital signatures is the challenge in disseminating | ||
| necessary information, such as public cryptographic keys, to those who need | ||
| to verify the security of a digital signature. |
There was a problem hiding this comment.
| to verify the security of a digital signature. | |
| to verify the security of a digital signature. Another potential shortcoming is notifying the holder of a public key when it should no longer be used. |
Either this or the above, since the problem is not only disseminating the public keys. It is the whole management lifecycle of them.
There was a problem hiding this comment.
I don't understand how this is "another" "potential" shortcoming. I don't see any other (potential or definite) shortcomings discussed in the prior text. This suggestion needs more work before it should be considered ready to merge.
There was a problem hiding this comment.
I attempted to make the language simpler in 7a2f27d.
|
The issue was discussed in a meeting on 2024-10-16
View the transcript4.1. Add Use Cases and Requirements (pr controller-document#103)See github pull request controller-document#103. Manu Sporny: controller doc and did document provide different solutions to ownership. |
| schemes to make them difficult for adversaries to compromise. However, | ||
| one shortcoming of digital signatures is the challenge in disseminating | ||
| necessary information, such as public cryptographic keys, to those who need | ||
| to verify the security of a digital signature. |
There was a problem hiding this comment.
I don't understand how this is "another" "potential" shortcoming. I don't see any other (potential or definite) shortcomings discussed in the prior text. This suggestion needs more work before it should be considered ready to merge.
Co-authored-by: Dave Longley <[email protected]>
Co-authored-by: Ted Thibodeau Jr <[email protected]> Co-authored-by: David Chadwick <[email protected]>
msporny
force-pushed
the
msporny-use-cases
branch
from
a853cd3 to
4b02bcd
Compare
|
@iherman wrote:
Done in 6ad135b.
Done in 8dac975. |
|
Editorial, multiple reviews, changes requested and made, no objections, merging. |
This PR is an attempt to partially address issue #93 and #94 by adding a Use Cases and Requirements section.
/cc @jyasskin and @hadleybeeman
Preview | Diff