WebOfTrustInfo / rwot5-boston

RWOT5 in Boston, Massachusetts (October 2017)

Home Page: http://www.WebOfTrust.Info


Need to write DID:BTCR Best Practices vs Reasonable Practices Docs

kimdhamilton opened this issue · comments

From @ChristopherA on July 8, 2017 3:2

At some point we need to write up some best practices vs reasonable practices documentation.

For instance, ideally you should treat your keys like you do with bitcoin — you use your root key to sign your transaction and immediately sign a few other objects with it (such as the DDO), and you never use it again. If you need ongoing signing keys, put them in the DDO and expire them regularly.

For a high-value pseudo-anonymous identity, you should treat your keys like Glacier does for high-value bitcoin transactions, with raw transactions and air-gapped computers: https://glacierprotocol.org/

Clearly the DDO itself should not be centralized, so services like IPFS

As a different kind of example, in my first personal DDO at https://raw.githubusercontent.com/ChristopherA/self/master/ddo.jsonld, I do some things that are not recommended for a pseudo-anonymous identity (as it is clearly not anonymous). However, my choices there are reasonable. First, my DDO is centralized (it is a DNS URL, and it is hosted on GitHub), but my commit of my DDO is signed by my PGP key there. Both are mirrored in a variety of places. When we later can add timestamping it will have more provenance.

Even though in my personal DDO example I'm not trying to be pseudo-anonymous, I also plan to try to not reveal information about others. So I might say I "know" another DID, but I will only do so if they have accepted it as a counter-claim (i.e. they "know" my DID). There is no technological way to force this, but as a social practice we should encourage it.

Copied from original issue: WebOfTrustInfo/btcr-hackathon-2017#20

From @ChristopherA on July 11, 2017 21:55

A first pass at some quick definitions:

  • Reasonable Practices (see #32) — basically secure but not for truly pseudo-anonymous identities. Low cost in both establishing and maintaining identity in skills, $ and time.

  • Pragmatic Practices — more secure for persistent pseudo-anonymous identities, but more to avoid attacks by black hats or corporate attackers. Higher cost in skills, $ and time.

  • Best Practices — the most secure for pseudo-anonymous identity (i.e. it is possible to have short-term persistence, like Satoshi (a few years) or Tom Elvis Jedusor (1 day)). Presumes a greater need to avoid attacks by nation state actors and large consortia (aka miners). Censorship resistance and avoiding traffic attacks and other correlation a priority. Highest cost in skills, $ and time.

assign to Christopher