what is the ID of the fusion identity?
mixmix opened this issue · comments
is it:
- the root message key?
- if yes, then why is the proposed format
@sdafsdfsdf=.fusion-v1
- if yes, then why is the proposed format
- is if the public part of a public/private keyPair that then gets used for DM'ing?
- if yes, how do we share the private part, and publish the public part?
- how do we cycle the dm keys? (do we need to?)
* the root message key?
no
* is if the public part of a public/private keyPair that then gets used for DM'ing?
yes
* if yes, how do we share the private part, and publish the public part?
Private: https://github.com/ssb-ngi-pointer/fusion-identity-spec#entrust
Public: since all the messages except entrust is public and includes the public key, one should be able to figure out what fusion identities a ID is part of by reducing the state. Specifically init
and consent
and tombstone
messages are important.
* how do we cycle the dm keys? (do we need to?)
IIRC we decided not to do this as that would complicate the spec and you can always cycle keys by tombstoning and creating a new identity.
thanks for some of those reminders - hard trying to design two similar features in parallel
so we would have a thing like:
@sfsdfsdfs.....dfsdf=.fusion1
- this could be used to look up a root messageId, then reduce the tangle to see who's involved (if you want)
- if you put this in
recps
then you know to use this as a dm key- doesn't require looking anything up from key-store, just go straight to DH-key with appropriate key-scheme