@cuchaz @grishka I know, I don't think did:web is an ideal choice (even though I helped create it). But, I DO think a better DID method will be created in the next year or three. And the reason I recommend to use did:web now is -- you get used to the general mechanism and data model, and the moment a better method arrives on the scene, it is trivial to switch. I imagine the solution will just be multiple keys that point to each other and domains that list them. It's messy but it makes the most sense IMO.
@cuchaz @lucid00 @grishka So, I definitely think you're on the right track. The thing about a key being an identity is that you can't rotate or revoke it! That's why it's so useful to add one more level of indirection. An identity points to one or more keys (which can be rotated / revoked without changing the identity). Which is exactly what a DID is -- just a string that points to a JSON object that has a bag of keys.
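The indirection described in the comment above, as an added example that is not part of the thread: a did:web string is mapped to the URL of its JSON document, and the set of accepted keys is read from that document, so a rotation changes the keys while the identifier stays the same. The identifier, host and key values are constructed for illustration.

```python
from urllib.parse import unquote

DID = "did:web:example.social:users:alice"  # constructed identifier

def did_web_to_url(did: str) -> str:
    """Map a did:web identifier to the HTTPS URL of its DID document."""
    prefix = "did:web:"
    if not did.startswith(prefix):
        raise ValueError("not a did:web identifier")
    parts = did[len(prefix):].split(":")
    host = unquote(parts[0])  # a port is percent-encoded, e.g. example.social%3A8443
    if not host or any(c in host for c in "/?#@"):
        raise ValueError("invalid host in did:web identifier")
    path = [unquote(p) for p in parts[1:]]
    if any(p in ("", ".", "..") or "/" in p for p in path):
        raise ValueError("invalid path segment")  # blocks path traversal
    if path:
        return f"https://{host}/{'/'.join(path)}/did.json"
    return f"https://{host}/.well-known/did.json"

def auth_keys(doc: dict, did: str) -> dict:
    """Return {key id: public key} for keys the document currently lists for authentication."""
    if doc.get("id") != did:
        raise ValueError("document id does not match the DID being resolved")
    methods = {m["id"]: m for m in doc.get("verificationMethod", [])}
    keys = {}
    for ref in doc.get("authentication", []):
        # An entry is either an embedded method or a reference to one by id.
        m = ref if isinstance(ref, dict) else methods.get(ref)
        if m:
            keys[m["id"]] = m.get("publicKeyMultibase")
    return keys

def sample_doc(key_name: str) -> dict:
    """Constructed DID document listing a single authentication key."""
    kid = f"{DID}#{key_name}"
    return {"id": DID,
            "verificationMethod": [{"id": kid, "type": "Multikey", "controller": DID,
                                    "publicKeyMultibase": f"zCONSTRUCTED-{key_name}"}],
            "authentication": [kid]}

if __name__ == "__main__":
    print(did_web_to_url(DID))
    # Same identity string before and after rotation; only the key set differs.
    print(sorted(auth_keys(sample_doc("key-1"), DID)))
    print(sorted(auth_keys(sample_doc("key-2"), DID)))
```

A verifier that re-resolves the document stops accepting signatures made with `key-1` once the document lists only `key-2`, which is the revocation a bare public key used as an identity cannot offer.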
@Paulie @cuchaz @grishka @dmitri "they have to keep that separate thing up to date just to login to see cat pics" They don't, they could just login to see cat pics like most users are doing. Also I'm not sure PGP failed, it's still in use. Off topic: "Failed" implies that PGP had some kind of success target to hit that it didn't beyond just providing the ability to encrypt stuff.
@dmitri @grishka DNS is technically disqualified here because it's a centralized authority. But despite that, it may be the best option we have. The trouble is, the DNS system isn't really accessible to most people, so the UX isn't great there.
Most of the other DID resolvers are blockchains (ugh), so I'm trying to find something better. It may not exist though. If we're not going to use pubkeys as ids directly, then something like `user@domain` may be the best we can do.