Comments (2)
From @ChristopherA on July 10, 2017 0:8
See also @petertodd's comments in WebOfTrustInfo/btcr-hackathon-2017#2 (comment)
from rwot5-boston.
From @rxgrant on July 10, 2017 2:6
If we were going to invert the responsibilities for discovering the communication resources that DDOs describe (i.e. "service endpoints": names + protocols + IPaddrs), and were instead going to use DIDs merely for verifying signatures, then we could consider pay-to-contract options that offer higher censorship resistance. We can leave this choice to each DID registrant, but it seems that stuffing data in DDOs is a major feature (which even the otherwise-stealthy deterministic-DDO case will support, via OP_RETURN), and that revocation design constraints should assume the common case of a DID pointing to a DDO in an unavoidably public way.
We could even support time-lock-stealth revocations, although the logic of trying to hide the revocation is similar to the broken logic of blacklisting, in that your attacker clearly knows what's going on before you do (in all but the "lost my phone" case), and can arrange countermeasures using this information advantage. The attacker knows the chain of transactions that you would revoke on, and would have plenty of time to arrange a preferential censoring relationship with whichever miners would support it.
What this means for the protocol is that if we are indeed aiming for revocation censorship resistance (beyond merely looking for an honest miner, or waiting for opcodes to implement a revocation sidechain), then the only option is to support stealth pay-to-contract addresses initiated from any transaction history (instead of occurring on the history of the DID). The work to unlock these would still need to be shared with peers in a censorship-resistant way using something like a sidechain, but that's trustless and only requires spam prevention, not transaction ordering.
If we figure out how to do that for revocations, then we can point to DDO data the same way.
from rwot5-boston.
Related Issues (20)
- Typo: name is wolberger, not wolberg HOT 1
- Activitypub append-only and content addressed storage
- Typo in final-documents/Amira.md
- Where is authorizedRevokingParties stored? HOT 3
- Types of Pointers to DDOs & URI Prefixes? HOT 3
- Specify an tx-signed deterministic DDO HOT 2
- BTCR intro documentation HOT 2
- DDOs as Verifiable Claims HOT 3
- Everyone: github DID HOT 2
- Demo of DID:BTCR / DDO based on reasonable practices HOT 3
- Holds and Timelocks HOT 1
- Need better name for what OP_RETURN is pointing to
- Testnet DID creation tool
- Email for results of BTCR Hackathon HOT 1
- When storing the DDO on IPFS how to encode the corresponding hash in the OP_RETURN HOT 2
- At close of Hackathon, evangelize results to continue dialog HOT 1
- Concerns about BTCR method
- Display of DDO if no OP_RETURN present HOT 1
- BTCR: control key schema?
- Data Minimization and Selective Disclosure Plan US_Canada_Attendee_WITH_Topic_Paper_5641 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rwot5-boston.