From 5d80340233627e786b1aefc04210ca19f69efe5a Mon Sep 17 00:00:00 2001
From: Manu Sporny
Date: Sun, 16 May 2021 15:25:41 -0400
Subject: [PATCH 1/2] Update Verification Method Rotation section.

---
 index.html | 124 +++++++++++++++++++++++++++--------------------------
 1 file changed, 63 insertions(+), 61 deletions(-)

diff --git a/index.html b/index.html
index b9fc5c31..0f9a9a54 100644
--- a/index.html
+++ b/index.html
@@ -4596,78 +4596,80 @@

Key and Signature Expiration

-

Verification Method Rotation

-

Verification method rotation is a proactive security measure.

- -

- Verification method rotation applies only to the current or latest - version of a DID Document. -

-

- When a verification method has been active for a long time, or used - for many operations, a controller might wish to perform a rotation. -

- -

- It is considered a best practice to perform verification method - rotation on a regular basis. -

- - -

- Proofs or signatures that rely on verification methods that are not - present in the latest version of a DID Document are not impacted by - rotation, and might require additional information to mitigate compromise. +Rotation is a management process that enables the secret cryptographic material +associated with an existing verification method to be deactivated or +destroyed once a new verification method has been added to the DID +document. Going forward, any new proofs that a controller would have +generated using the old secret cryptographic material can now instead be +generated using the new cryptographic material and can be verified using the +new verification method.

- Section specifies the - DID operations to be supported by a - DID method specification, including - update - which is expected to be used to perform a verification method rotation. +Rotation is a useful mechanism for protecting against verification method +compromise, since frequent rotation of a verification method by the controller +reduces the value of a single compromised verification method to an attacker. +Performing revocation immediately after rotation is useful for verification +methods that a controller designates for short-lived verifications, such as +those involved in encrypting messages and authentication.

- A controller performs a rotation when they add a new verification - method that is meant to replace an existing verification method after - some time. +The following considerations might be of use when contemplating the use of +verification method rotation:

-

Not all DID Methods support verification method rotation.

- -

- Rotation is a key management process that enables the private cryptographic - material associated with an existing verification method to be deactivated - or destroyed once a new verification method has been added to the DID - Document. Going forward, any new proofs that a controller would have generated - using the old cryptographic material can now instead be generated using the new - material and can be verified using the new verification method. -

- -

- Rotation is a useful mechanism for protecting against verification - method compromise, since frequent rotation of a verification method by - the controller reduces the value of a single compromised verification method - to an attacker. Performing revocation immediately after rotation is - useful for verification methods that a controller designates for - short-lived verifications, such as those involved in encrypting messages - and authentication. -

- -

- Higher security environments tend to employ more frequent verification - method rotation. -

- -

- Frequent rotation of a verification method might be frustrating for - parties that are forced to continuously renew or refresh associated - credentials. -

+
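Review bot: the visible part of this hunk deletes eight list items (rotation applies only to the current version; rotate after long use or many operations; regular rotation is best practice; proofs relying on methods absent from the latest DID Document; the pointer to the `update` operation; a controller rotates by adding a replacement method; higher security environments rotate more often; frequent rotation burdens parties that must refresh credentials) but ends on a bare `+`, so the list introduced by "The following considerations might be of use" is not shown here. The second commit's hunks confirm that the first, third and fourth items and the `update` pointer reappear as list items; please check that the remaining ones, in particular the two trade-off items about higher security environments and the burden on relying parties, survive as well. Two wording points on the new first paragraph: it drops "key" from "key management process" and switches "private cryptographic material" to "secret cryptographic material" while the same sentence still says "new cryptographic material", so one term should be used throughout; and "DID document" in the new text versus "DID Document" in the removed text should be made consistent across the section. Finally, the paragraph says rotation lets the old secret material be "deactivated or destroyed" and then recommends immediate revocation for methods used for "encrypting messages"; it is worth noting that destroying key agreement material also removes the ability to decrypt messages already received under it, so that advice fits authentication better than encryption.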
From 7bce4709b3b21b5c0af98af76e85dd6336945ef5 Mon Sep 17 00:00:00 2001
From: Manu Sporny
Date: Sat, 29 May 2021 15:16:57 -0400
Subject: [PATCH 2/2] Apply suggestions to Verification Method Rotation by @msporny and @kdenhartog.

Co-authored-by: Kyle Den Hartog
---
 index.html | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/index.html b/index.html
index 0f9a9a54..479905ba 100644
--- a/index.html
+++ b/index.html
@@ -4627,7 +4627,7 @@

Verification Method Rotation

Verification method rotation is a proactive security measure.
  • -It is considered a best practice to perform verification method rotation +It is generally considered a best practice to perform verification method rotation on a regular basis.
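Review bot: "generally" hedges the best-practice claim without saying when it does not apply; the consideration removed in the first commit (frequent rotation might be frustrating for parties forced to continuously renew or refresh associated credentials) is the reason for the hedge, so consider pointing to it here, e.g. "It is generally considered a best practice to perform verification method rotation on a regular basis, balanced against the cost to parties that must refresh associated credentials."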
  • @@ -4635,7 +4635,7 @@

    Verification Method Rotation

    rotation.
  • -Verification method rotation applies only to the current or latest +Verification method rotation manifests only as changes to the current or latest version of a DID document.
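Review bot: "manifests only as changes to" is harder to read than the old "applies only to", and the point it is reaching for, that rotation is recorded in the current DID document and does not alter earlier versions, is still left implicit; if that is the intended meaning, suggest "Verification method rotation is recorded only in the current or latest version of a DID document; earlier versions are not changed."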
  • @@ -4653,7 +4653,7 @@

    Verification Method Rotation

    information, such as when a particular verification method was expected to be valid as well as access to a verifiable data registry containing a historical record, to determine the validity of the proof or -signature. +signature. This option might not be available in all DID methods.
  • The section on DID method operations specifies
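Review bot: "This option might not be available in all DID methods" does not say which option; the preceding sentence names two things a verifier needs, knowledge of when the verification method was expected to be valid and access to a verifiable data registry containing a historical record, and only the latter depends on the DID method. Suggest "Not all DID methods provide access to a historical record of DID documents, in which case the validity of such a proof or signature cannot be determined this way." Also, this line uses "DID methods" while the unchanged context line earlier in the section reads "Not all DID Methods support verification method rotation."; the casing should match.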