Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KERI and IPLD #7

Open
SmithSamuelM opened this issue Jan 21, 2020 · 5 comments
Open

KERI and IPLD #7

SmithSamuelM opened this issue Jan 21, 2020 · 5 comments

Comments

@SmithSamuelM
Copy link

I want to explore a common incepting (multi-format like) approach to self-certifying identifiers that are based on a hash (signature) of the incepting information that is compatible with IPID.

We you be open to a discussion on this. I couldn't find you email.
@SmithSamuelM
Copy link
Author

IPID/IPLD and KERI are going to the same place but with different starting points. On want to make them recognize each other. I think it would be good for us to talk at length on how to do this.

@SmithSamuelM
Copy link
Author

Looks like this link only has two slides. https://cloudflare-ipfs.com/ipfs/QmXFhzGYF27zvjNxbJNcfn226ZkJpRg2sQGRgK7JKdCKje/#/1

@SmithSamuelM
Copy link
Author

I have been using the term "ambient verifiability" to mean attestations are verifiable by anyone, anywhere, at anytime. This implies end verifiability to the root-of-trust. Verifiability in this context means signatures not hashes (although a signature is a hash but not merely a hash). So a self-certifying identifier has a cryptographic root-of-trust only the controller of that identifier is a verifiable source of truth. So an end-verifiable statement has a signature that can be verified as belonging to the authoritative source of truth. In an ephemeral self-certifying identifier, there is no possibility of transfer of control to a different public/private key pair so the incepting statement for the identifier is enough to verify to the root-of-trust that is that originating self-certifying public/private key pai. A persistent identifier allows transfers of control. So end verifiability of the root-of-trust requires verifying the chain of transfers of control from the incepting public/private key pair to the current authoritative one. This is a signed chain which is also but not merely a content addressable chain. Signature are hashes so any signature can be used as a content address. The difference is the signature is tied a root of trust and therefore satisfies end verifiability. So a DAG of transfers of control statement has ambient verifiability.

@SmithSamuelM
Copy link
Author

ambient verifiability is similar to the concept you espoused for IPLD in that it doesn't need anything else.

@SmithSamuelM
Copy link
Author

@jonnycrunch Tagging you so you see my request to connect.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@SmithSamuelM