Open bluesteens opened 1 year ago
should this be a DID holder decision? but OCI recommends to offer both rotation methods
Mtg July 27: rejected, as it seems overengineered. key management systems could cater sufficiently for the recommended level of security; refer to comments in https://github.com/Open-Credentialing-Initiative/Digital-Wallet-Conformance-Criteria/issues/30
Steering: Proposal Summary
This is for the Steering work START approval step. Discuss the proposed work or change.
# Should DID key rotation be based on usage frequency or a fixed time period? A key that's used more frequently can cause more harm in the wrong hands. Thus, usage-based rotation might add more security to the overall system.see NFR004
current requirement:
should we consider a usage-based key rotation in addition or instead of time-based rotation?
Steering: Publication Summary
Discuss the work that was completed in reference to the above proposal. Include any differences from the proposal and why.
#Affected Parties (help determine Sunrise/Sunset):
Affected OCI Artifact
Change Category (Guides Steering Review)
- Steering/Industry Review
- Steering/Industry Notification
Communication