Skip to content

Commit

Permalink
Update README.md
Browse files Browse the repository at this point in the history 
Co-authored-by: Brian Ginsburg <7957636+bgins@users.noreply.github.com>
Signed-off-by: Brooklyn Zelenka <be.zelenka@gmail.com>
  • Loading branch information
@expede @bgins
expede and bgins committed Oct 18, 2023
1 parent b9905bd commit a16beff
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -491,7 +491,7 @@ This is not a concern when simply delegating since presumably the recipient agen

_UCAN does not have any special protection against person-in-the-middle (PITM) attacks._

Were a PITM attack successfully performed on a UCAN delegation, the proof chain would contain the attacker's DID(s). It is possible to detect this scenario and revoke the relevant UCAN but does require special inspection of the topmost `iss` field to check if it is the expected DID. Therefore, it is strongly RECOMMENDED to only delegate UCANs to agents that are both trusted and authenticated and over secure channels.
If a PITM attack was successfully performed on a UCAN delegation, the proof chain would contain the attacker's DID(s). It is possible to detect this scenario and revoke the relevant UCAN but this does require special inspection of the topmost `iss` field to check if it is the expected DID. Therefore, it is strongly RECOMMENDED to only delegate UCANs to agents that are both trusted and authenticated and over secure channels.

# 7. Related Work and Prior Art

Expand Down

0 comments on commit a16beff

Please sign in to comment.