Gozala
commented
1 year ago There are pros and cons benefits to going with proposed did:web: approach as opposed to did:mailto: I'll try to enumerate ones that I see:
💚 did:web is already standard so we don't need to do spec did:mailto to be on our marry path.
💔 Unlike did:mailto approach with did:web it is name mapping convention and it would make little sense for anyone outside of web3.storage to recognize those.
did:mailtoclearly states that web3.storage is not the authority, domain in the email is. 💔 We can not upgrade / integrate DKIM based stuff as alluded in account spec. Whole point fordid:mailtowas that we can get away from our email validation flow and make it universal that anyone could support.- Note that our current
./updatecapability is more of a way to capture our verification so we don't have to do it again. - Even with DKIM we need to resolve mail server keys to verify proofs in UCAN and
./updatewill continue to allow us to store that we have performed this verification so we don't have to do it on every request.- Other host may not recognize our
./updatedelegations, but they could still do the DKIM based verification.
- Other host may not recognize our
- Note that our current
In https://github.com/web3-storage/ucanto/pull/168/files#r1046597704 @gobengo made a point that perhaps we should be using
did:web:web3.storage:account:alice@web.mailinstead ofdid:mailto:alice@web.mail, which is worth considering & discussing