Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use of did:web:web3.storage:account:[email protected] DIDs for accounts instead of did:mailto #25

Open
Gozala opened this issue Dec 13, 2022 · 1 comment

Comments

@Gozala
Copy link
Collaborator

Gozala commented Dec 13, 2022

In https://github.com/web3-storage/ucanto/pull/168/files#r1046597704 @gobengo made a point that perhaps we should be using did:web:web3.storage:account:[email protected] instead of did:mailto:[email protected], which is worth considering & discussing

@Gozala
Copy link
Collaborator Author

Gozala commented Dec 13, 2022

There are pros and cons benefits to going with proposed did:web: approach as opposed to did:mailto: I'll try to enumerate ones that I see:

💚 did:web is already standard so we don't need to do spec did:mailto to be on our marry path.
💔 Unlike did:mailto approach with did:web it is name mapping convention and it would make little sense for anyone outside of web3.storage to recognize those.
- did:mailto clearly states that web3.storage is not the authority, domain in the email is.
💔 We can not upgrade / integrate DKIM based stuff as alluded in account spec. Whole point for did:mailto was that we can get away from our email validation flow and make it universal that anyone could support.

  • Note that our current ./update capability is more of a way to capture our verification so we don't have to do it again.
  • Even with DKIM we need to resolve mail server keys to verify proofs in UCAN and ./update will continue to allow us to store that we have performed this verification so we don't have to do it on every request.
    • Other host may not recognize our ./update delegations, but they could still do the DKIM based verification.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant