Closed atoulme closed 2 years ago
chaals
commented
2 years ago I think control of the public key (which is often demonstrated by using a private key to show you have control) is the core feature of a "principal owner". Which means R34 is redundant.
Not sure why it is "at the inception of the identity" that this matters, since it seems more relevant who is in control at the time the identity is used.
Therecanbeonlyone1969
commented
2 years ago @atoulme sorry for the oversight in addressing your question. Yes, it does imply that.
@chaals R34 is not redundant because it refers to identifiers and identities in the context of a BPI whereas a Principal Owner is merely a definition not a requirement. One could reformulate R34 as
The identifiers and identity utilized in a BPI MUST have a Principal Owner. ... but that is splitting hairs
Therecanbeonlyone1969
commented
2 years ago added definition of Principal Owner to Glossary in #174
kthomas
commented
2 years ago Having control of the public key is part of being a Principal Owner, no doubt.
If a key gets compromised, does that make those (or the general public in extreme cases) Principal Owners?
This is really splitting hairs at this point perhaps :)
Therecanbeonlyone1969
commented
2 years ago @kthomas agreed
Therecanbeonlyone1969
commented
2 years ago Question answered and included in merged PR #174 . Closing issue.
3.1 states
A Principal Owner is defined as the entity controlling the public key(s) which control the identity and its identifiers upon inception of the identity.Should it be private keys? Does this imply that we will only use asymmetric cryptography? Please clarify.