Orie Steele
Orie Steele
I suggest closing this issue, as its already acknowledged here: https://w3c-ccg.github.io/did-method-web/#dns-security-considerations
Agree, this issue should be closed, this will be at the discretion of the web service provider / hosting company... I'll suggest using GitHub / version control, but I don't...
I think it would be good to finalize this at CCG and pick up the work elsewhere.
@mirceanis https://github.com/w3c/did-spec-registries/blob/master/vocabs/v1/context.jsonld#L85 The did core spec does not even list `publicKey` any more, see: https://w3c.github.io/did-core/#did-document-properties however it is still present in the context: https://github.com/w3c/did-spec-registries/blob/master/vocabs/v1/context.jsonld#L62
I don't think it makes sense to constrain the domain of the did subject, in ANY DID Method :) In the DID WG we are debating the `type` property of...
@aniltj this isn't malware security research :) we are applying RDF to expressing cryptographic concepts, if we start applying restrictions to RDF because of an assumed domain, we will inevitably...
I suggest we restructure this issue as: Privacy & Security Section has been reviewed / approved by an independent 3rd party and then we ensure we have made the necessary...
So am I correct in stating that it's OK for you to use did:web if you own the domain, for both issuer and subject roles in a VC? And its...
I recommend closing this, I don't see this an issue, in fact it would be awesome to see more adoption by larger tech companies of did:web... for example, github already...
I am currently squatting on did:github, would love to hand that over to them as well... https://github-did.com/resolver