I imagine the solution will just be multiple keys that point to each other and domains that list them.
It's messy but it makes the most sense IMO.
@cuchaz @lucid00 @grishka So, I definitely think you're on the right track. The thing about a key being an identity is that you can't rotate or revoke it! That's why it's so useful to add one more level of indirection. An identity points to one or more keys (which can be rotated / revoked without changing the identity). Which is exactly what a DID is -- just a string that points to a JSON object that has a bag of keys.
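The indirection described in the comment above (an identity string that resolves to a rotatable bag of keys), as an added example that is not part of the original thread. The `Registry` type, the key ids and `did:example:alice` are constructed for illustration, and `Document` is a simplified stand-in, not the W3C DID document format.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Document is a simplified stand-in for a DID document: a bag of current keys.
type Document struct {
	ID   string                       // the stable identity string
	Keys map[string]ed25519.PublicKey // key id -> public key currently trusted
}

// Registry is a hypothetical in-memory resolver: identity string -> document.
type Registry map[string]*Document

// Rotate revokes one key and lists a new one; the identity string is untouched.
func (r Registry) Rotate(did, oldKid, newKid string, newPub ed25519.PublicKey) {
	if doc, ok := r[did]; ok {
		delete(doc.Keys, oldKid)
		doc.Keys[newKid] = newPub
	}
}

// Verify resolves the identity and accepts a signature only from a key still listed.
func (r Registry) Verify(did, kid string, msg, sig []byte) bool {
	doc, ok := r[did]
	if !ok {
		return false
	}
	pub, listed := doc.Keys[kid]
	return listed && ed25519.Verify(pub, msg, sig)
}

// Demo returns: old key accepted before rotation, old key after, new key after.
func Demo() (bool, bool, bool) {
	const did = "did:example:alice" // constructed placeholder identity
	pub1, priv1, _ := ed25519.GenerateKey(nil)
	pub2, priv2, _ := ed25519.GenerateKey(nil)
	reg := Registry{did: {ID: did, Keys: map[string]ed25519.PublicKey{"key-1": pub1}}}
	msg := []byte("cat pics")
	sig1 := ed25519.Sign(priv1, msg)
	before := reg.Verify(did, "key-1", msg, sig1)
	reg.Rotate(did, "key-1", "key-2", pub2)
	afterOld := reg.Verify(did, "key-1", msg, sig1)
	afterNew := reg.Verify(did, "key-2", msg, ed25519.Sign(priv2, msg))
	return before, afterOld, afterNew
}

func main() { fmt.Println(Demo()) }
```

The signature made with the revoked key is still mathematically valid; it is rejected because the document no longer lists that key, which is the property a bare key-as-identity cannot offer.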
@Paulie @cuchaz @grishka @dmitri "they have to keep that separate thing up to date just to login to see cat pics" They don't, they could just log in to see cat pics like most users are doing. Also I'm not sure PGP failed, it's still in use. Off topic: "Failed" implies that PGP had some kind of success target to hit that it didn't beyond just providing the ability to encrypt stuff.
@lucid00 @dmitri @grishka Crazy thought I just had: What if we just play games with terminology to try to make things easier to understand?
The cryptographic keys can technically be an "identity" because that's the source of authority in the system that is in control of the person. And the name@domain can be an "address" because that's the source of authority that's under control of some external organization rather than the person.
The address isn't the person, it's merely where they're staying at the moment. It's how you can find them, but it can be changed. An identity can move to a new address and still be the same identity. Or in reverse, the organization might be convinced to accept a new identity as the resident of an address, if, say, the person loses access to their identity somehow. But if you move somewhere else, you can only take your identity with you, not the address. The address isn't yours.