Consider using DIDs to refer to public keys and authentication #161

mmccool · 2020-02-24T13:16:37Z

DID documents include information about public keys and authentication requirements, and DID URLs with fragments can be used to refer to this information.

Should we consider adding DID references of this type to particular TD security schemes, eg PSK, OAuth2, etc?

mmccool · 2020-03-09T12:51:17Z

action: Create a PR into the TD spec for discussion. Note however that DIDs are still in flight, so...

mmccool · 2020-03-23T12:46:03Z

Something like the following: in a security scheme that requires keys, like "psk", allow fields like:

"publickey": didURL#keyid;

where didURL#keyid is the URL of a did pointing at a public key.
As noted in issue #166, this requires integrity protection of TDs (at the very least). So if there is an "optional" integrity proof section (for instance), it would be required if there are any references like this.

This would not be for the "update" to the TD, but to "version 2.0" (TD Next). By then I would expect DIDs and JSON-LD signing would be normative or at least REC-track, so we can refer to them cleanly.

mmccool self-assigned this Mar 9, 2020

mmccool added the DID label Sep 21, 2020

mmccool mentioned this issue Jul 19, 2021

Update Secure Local Transport w3c/wot-security-best-practices#13

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Consider using DIDs to refer to public keys and authentication #161

Consider using DIDs to refer to public keys and authentication #161

mmccool commented Feb 24, 2020

mmccool commented Mar 9, 2020

mmccool commented Mar 23, 2020

Consider using DIDs to refer to public keys and authentication #161

Consider using DIDs to refer to public keys and authentication #161

Comments

mmccool commented Feb 24, 2020

mmccool commented Mar 9, 2020

mmccool commented Mar 23, 2020