Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unsubstantiated statement about protecting against attacks when compromised #176

Closed
selfissued opened this issue Jan 31, 2020 · 3 comments · Fixed by #369
Closed

Unsubstantiated statement about protecting against attacks when compromised #176

selfissued opened this issue Jan 31, 2020 · 3 comments · Fixed by #369
Assignees
@selfissued
Labels
editorial Editors should update the spec then close

Comments

@selfissued
Copy link
Contributor

Section 10 Security Considerations https://w3c.github.io/did-core/#security-considerations says:

Protecting against an attack when a system is compromised requires external key-signing hardware.

First, a reference substantiating this assertion should be provided. Second, is the ability to reliably use DIDs on compromised systems really in scope for this specification? Why or why not?
@rhiaro rhiaro added the editorial Editors should update the spec then close label Feb 4, 2020
@selfissued
Copy link
Contributor Author

I will re-read this in context and create a PR.

@OR13
Copy link
Contributor

OR13 commented Mar 17, 2020

Consider pulling from:

@burnburn
Copy link

burnburn commented Jun 2, 2020

Mike reaffirms he will create a PR.

@selfissued selfissued mentioned this issue Aug 11, 2020
Merged
@peacekeeper peacekeeper mentioned this issue Sep 8, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@selfissued selfissued

Labels
editorial Editors should update the spec then close
Projects
None yet
Milestone
No milestone
4 participants
@rhiaro @burnburn @selfissued @OR13