[standards] Securing mechanisms section could be structured better

w3c / identity-web-impact

This document proposes an overview of Digital Identities on the Web and an analysis through different use cases of the systemic impact on both the market side and the human side, as well as the role that Web standardization may play in managing that impact

https://www.w3.org/reports/identity-web-impact/

1 stars 4 forks source link

[standards] Securing mechanisms section could be structured better #17

Open Sakurann opened 3 months ago

Sakurann commented 3 months ago

this is not urgent, but Securing Mechanisms section could be organized clearer I think. some thoughts:

I think sd-bls uses data integrity, so should be moved to embedded
would really encourage to separate crypto (BBS) from the format as much as possible (might not be always possible)
enveloped section should probably be bulleted into JWT and SD-JWT, COSE (not sure what is a better name for mdoc), SD-CWT

simoneonofri commented 3 months ago

Hi @Sakurann,

Thank you for the comment:

I re-read the paper and talked with the authors. In theory, it can be both, but the actual status is more of a signature algorithm. I'm going to move it.
- I agree that it is not an optimal organization, but it is coherent with VCDM/OIDF/OWF terminology. In theory, it should be good to have formats with crypto agility and to apply crypto algorithms (also in the Threat Model they are a different thing)
- Formatting, a nice idea, maybe also a table.