From 2c3859498c080ab0acba81b6daed2163568d023f Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Mon, 29 Nov 2021 20:23:33 -0500 Subject: [PATCH 01/11] Edit Privacy and Considerations sections --- index.html | 129 +++++++++++++++++++++++++++-------------------------- 1 file changed, 65 insertions(+), 64 deletions(-) diff --git a/index.html b/index.html index ce64910..4357bb2 100644 --- a/index.html +++ b/index.html @@ -1162,7 +1162,7 @@

Privacy Considerations

Decentralized Identifiers, like any other technology, can be used to - enhance privacy as well as harm privacy. This section speaks to topics + enhance privacy as well as to harm privacy. This section speaks to topics that implementers might consider when thinking about the privacy characteristics of their software systems.

@@ -1179,7 +1179,7 @@

- It is the DID method implementer's responsibility to think about and + It is a DID method implementer's responsibility to think about and identify the extent to which personal data may be included in a DID document.

@@ -1192,21 +1192,19 @@

- A DID method specification should have a section dedicated to personal - data covering the extent to + DID method specifications are encouraged to have a section dedicated to + personal data, covering the extent to which information published on the corresponding ledger can be updated or deleted. - It should provide specific instructions of how to do so, if it is - possible. + Such a section could provide specific instructions of how to do so, + if it is possible. Otherwise, it should clearly state that it is not possible.

A DID method should avoid "phone home" or tracking characteristics that - would - permit tracing of a user in manner not understood or authorized by the - user - by some third party. + would permit tracing of a user by a third party + in manner not understood or authorized by the user.

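Review bot: The normative level in the personal-data paragraph is now inconsistent: the first two sentences were softened to "are encouraged to" and "could provide", but the closing sentence keeps "Otherwise, it should clearly state that it is not possible", and after the switch to the plural "DID method specifications" its subject "it" can only reach back to "Such a section" across two clauses. Either soften the last sentence to match ("the section is encouraged to state clearly") or restore a single normative level for all three, and prefer "instructions on how to do so". In the "phone home" paragraph, "in manner not understood" is still missing its article and should read "in a manner not understood".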
@@ -1214,11 +1212,11 @@

Avoid correlation

- Avoid reusing verification methods across DID Methods. + Avoid reusing verification methods across DID methods.

- Avoid reusing services with unique parameters across DID Methods. + Avoid reusing services with unique parameters across DID methods.

@@ -1230,9 +1228,9 @@

Avoid correlation

- A DID method implementer should rotate keys and identifiers as often as - possible - to avoid correlation + DID method implementations are encouraged to rotate keys and + identifiers as often as possible, + to avoid correlation.

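Review bot: "rotate keys and identifiers as often as possible, to avoid correlation" folds two different goals into one clause and gives unrealistic guidance. Rotating identifiers is what counters correlation; rotating keys limits how long a compromised key stays usable and how much material is ever signed under it, and every rotation carries a cost (a DID document update, a ledger write, relying parties re-resolving). Suggest "as often as practical" and stating the two purposes separately, and since implementations cannot be encouraged, "DID method implementers are encouraged to".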
@@ -1241,14 +1239,14 @@

Anonymity

Consider formally modeling the privacy implications associated with - your implementation using + your DID method and/or implementation using t-closeness or other mechanisms.

- If your DID Method supports global enumeration and indexing, consider - exposing this information publicly. You may wish to provide alerts + If your DID method supports global enumeration and indexing, consider + exposing this fact publicly. You may wish to provide alerts similar to services that watch version control systems for sensitive information that is accidentally leaked.

@@ -1259,16 +1257,18 @@

Compliance

Review any applicable local law when considering developing or - operating a decentralized identifier method. -

- -

Consider GDPR.

- -

Consider CCPA.

- -

Consider EAR. -

+ operating a decentralized identifier method. Consider the following: +

+ + @@ -1285,7 +1285,7 @@

Security Considerations

Pay very close attention to the defense, cryptographic agility, and political - acceptability of any cryptography you rely on for DID Method security. + acceptability of any cryptography you rely on for DID method security.

@@ -1295,14 +1295,15 @@

Security Considerations

- Avoid open source implementations that are declared a "defacto - standard", but lack open standard technical specifications. + Prefer technologies based on open standard technical specifications. + Avoid technologies declared de facto standard based on + particular implementations but lacking open standards.

- Support for legacy cryptography systems such as + Consider support for legacy cryptography systems such as JOSE - and OpenPGP should be considered + and OpenPGP, due to their prevalence in existing systems.

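Review bot: Two wording problems in the Security Considerations hunk. "technologies declared de facto standard" needs plural agreement: "de facto standards". More substantively, "legacy cryptography systems such as JOSE and OpenPGP" mischaracterizes JOSE, whose JWS/JWE/JWK/JWA components are standards-track RFCs (RFC 7515 through RFC 7518) in active deployment, and the "legacy" label undercuts the recommendation to support them; "widely deployed" says what the sentence actually relies on.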
@@ -1311,12 +1312,12 @@

Vendor Lock In

Competition, direct substitutability, interoperability, and mutual feature support are key to reducing the barriers to adoption of, and - increasing confidence in, your DID Method. + increasing confidence in, your DID method.

Avoid inventing "new features". Work with others to find a common way - to express any new features that are not unique to your DID Method. + to express any new features that are not unique to your DID method.

@@ -1327,7 +1328,7 @@

Vendor Lock In

Transparency and openness in approaches related to security not only - lead to greater security, but promote interoprability and adoption. + lead to greater security, but promote interoperability and adoption.

@@ -1335,13 +1336,11 @@

Vendor Lock In

Digital Signatures

- We recommend the user review - safecurves.cr.yp.to before - selecting elliptic curve types. A key note however, is that several - items on safecurves are less frequently updated. - In addition to safecurves you should always check the top level - standards - and any docs which superseed referenced standards in safecurves, + When selecting elliptic curve types, consider reviewing + SafeCurves. + However, note that some items on SafeCurves may be infrequently updated. + In addition to SafeCurves, check the top-level standards + and any documents which supercede referenced standards in SafeCurves, especially FIPS 186-4 and @@ -1369,27 +1368,27 @@
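Review bot: In the Digital Signatures hunk (@@ -1335), the added line "any documents which supercede referenced standards in SafeCurves" introduces a misspelling in place of the old one: the word is "supersede" (the original "superseed" was also wrong). Worth fixing in this patch rather than carrying a second variant forward.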

Hashing Algorithms

When in doubt in selection of a hashing algorithm, consult the - NIST documentation related to hash function selection, + NIST documentation related to hash function selection. + For new implementations, consider - SHA-3 as described in FIPS 202 - should be strongly considered for new implementations + SHA-3 as described in FIPS 202.

Randomness

- When making an implemention carefully consider how you are sourcing + When making an implemention, carefully consider how you are sourcing random numbers. Consult RFC 4086: Randomness Requirements for Security - when selecting an approach to get random bits, and pay careful attention - to the platform and any underlying hardware that may be in use as multiple + when selecting an approach to get random bits. Pay careful attention + to the platform and any underlying hardware that may be in use. Multiple attacks have been performed in the wild due to improper selection of random values in key material and other aspects of cryptography.
-

Zero Knowledge Proofs

+

Zero-Knowledge Proofs

Consider using @@ -1400,31 +1399,32 @@
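Review bot: In the Randomness paragraph of the @@ -1369 hunk, the changed line still reads "When making an implemention, carefully consider"; the typo predates this patch but the line is being edited anyway, so correct it to "implementation". In the Hashing Algorithms paragraph, "When in doubt in selection of a hashing algorithm" would read more naturally as "When in doubt about the selection of a hashing algorithm".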

Zero Knowledge Proofs

- The IETF document on + When selecting curves and other parameters for zero-knowledge proofs, + consider consulting the IETF document on - Pairing Friendly Curves - should be consulted when selecting curves for usage with zero - knowledge proofs, + href="https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-pairing-friendly-curves"> + Pairing-Friendly Curves especially to ensure that appropriate embedding degrees are selected, and that the resulting equivalent bit characteristics are sufficient.

- Avoid zero knowledge proofs as described in the + Avoid zero-knowledge proofs as described in the AnonCredDerivedCredentialv1. This proof format is coupled to specific ledger technologies, - similar to the concept of an ethereum virtual machine smart contract - only running on EVM compatible ledgers. Ledger-specific technologies + similar to the concept of an Ethereum Virtual Machine (EVM) + smart contract + only running on EVM-compatible ledgers. Ledger-specific technologies should be avoided when designing for portable, interoperable, and - open-standards–based zero knowledge proofs. + open-standards–based zero-knowledge proofs.

- Avoid storing credential schemas on ledgers. Many DID methods cannot - store information other than a DID Document, which reduces the direct + Avoid requiring credential schemas to be stored on ledgers. Many DID + methods cannot + store information other than a DID document, which reduces the direct interoperability, substitutability, and cost effectiveness of solutions that make use of rare or poorly supported features such as credential schema definition storage. @@ -1442,11 +1442,12 @@
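Review bot: In the Zero-Knowledge Proofs hunk (@@ -1400), the sentence "consider consulting the IETF document on Pairing-Friendly Curves especially to ensure" needs a comma after the link text, as the old wording had. The referenced document, draft-irtf-cfrg-pairing-friendly-curves, is an IRTF CFRG Internet-Draft rather than an IETF document, and a draft can change or expire, so "the IRTF CFRG draft on Pairing-Friendly Curves" would describe the reference accurately and warn readers to check for a current version.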

Biometrics

- The addition of biometrics to other techniques can aid in certain tasks + The addition of biometrics to other techniques can aid certain tasks such as reauthentication. NIST SP - 800-63B - deals directly with digital identity and has several useful sections + 800-63B ("Digital Identity Guidelines: Authentication and + Lifecycle Management") + has several useful sections that address appropriate language for describing biometrics usage as well as techniques for incorporating biometrics into an approach for solving From 26b848ba9e49008e1fc8860b08a46f4fc6404eaa Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Fri, 3 Dec 2021 16:28:50 -0500 Subject: [PATCH 02/11] Improve wording about third-party tracking Co-authored-by: Manu Sporny --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index 4357bb2..88dc286 100644 --- a/index.html +++ b/index.html @@ -1203,7 +1203,7 @@

A DID method should avoid "phone home" or tracking characteristics that - would permit tracing of a user by a third party + would enable tracking of a user, without consent, by a third party in manner not understood or authorized by the user.

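Review bot: The reworded line "would enable tracking of a user, without consent, by a third party in manner not understood or authorized by the user" still lacks the article in "in a manner", and "without consent" now duplicates "not ... authorized by the user" in the same sentence; keep one of the two.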
From 5c7153e4be6fb484cbc89bd6e6ca38e95b4a31d5 Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Fri, 3 Dec 2021 16:34:34 -0500 Subject: [PATCH 03/11] Adjust technology comparison regarding privacy Co-authored-by: Ted Thibodeau Jr --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index 88dc286..0cfc13b 100644 --- a/index.html +++ b/index.html @@ -1161,7 +1161,7 @@

Benefits

Privacy Considerations

- Decentralized Identifiers, like any other technology, can be used to + Decentralized Identifiers, like many other technologies, can be used to enhance privacy as well as to harm privacy. This section speaks to topics that implementers might consider when thinking about the privacy characteristics of their software systems. From c9d2bc6d460c8bf1615d5426b3b8d48bf9b262c5 Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Fri, 3 Dec 2021 17:08:18 -0500 Subject: [PATCH 04/11] More consistency with standards and specifications Co-authored-by: Ted Thibodeau Jr --- index.html | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 0cfc13b..93ca16a 100644 --- a/index.html +++ b/index.html @@ -1296,8 +1296,9 @@

Security Considerations

Prefer technologies based on open standard technical specifications. - Avoid technologies declared de facto standard based on - particular implementations but lacking open standards. + Avoid technologies declared de facto standards based on + particular implementations but lacking open standard technical + specifications.

From 5f088c6c253d37b0f7635fc81a1ab02c4781c902 Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Fri, 3 Dec 2021 17:15:04 -0500 Subject: [PATCH 05/11] Improve reference to laws Co-authored-by: Ted Thibodeau Jr --- index.html | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 93ca16a..0bc58fc 100644 --- a/index.html +++ b/index.html @@ -1256,8 +1256,9 @@

Anonymity

Compliance

- Review any applicable local law when considering developing or - operating a decentralized identifier method. Consider the following: + Review any applicable local laws when considering developing or + operating a decentralized identifier method. Such local laws may + include, but are not limited to, the following:

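Review bot: "Such local laws may include" is imprecise for the items this sentence introduces (GDPR, CCPA, EAR in the PATCH 01/11 hunk): GDPR is an EU-wide regulation and the EAR are US federal export regulations, so neither is local in the ordinary sense. "Review any applicable laws and regulations ... Such laws and regulations may include, but are not limited to, the following:" covers all three without the mismatch.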
    From b5dc79571ed8382216870c9bcfe2f035a272c1a5 Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Fri, 3 Dec 2021 17:35:44 -0500 Subject: [PATCH 06/11] Reduce use of metonymy Co-authored-by: Ted Thibodeau Jr --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 0bc58fc..f894698 100644 --- a/index.html +++ b/index.html @@ -1192,8 +1192,8 @@

    - DID method specifications are encouraged to have a section dedicated to - personal data, covering the extent to + DID method specifiers are encouraged to include a specification section + dedicated to personal data, covering the extent to which information published on the corresponding ledger can be updated or deleted. Such a section could provide specific instructions of how to do so, From 287afe9d2920b60d8c1867cf0bf977d0f3108abd Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Fri, 3 Dec 2021 18:08:11 -0500 Subject: [PATCH 07/11] Attribute feature rarity to support Co-authored-by: Ted Thibodeau Jr --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index f894698..e457531 100644 --- a/index.html +++ b/index.html @@ -1428,7 +1428,7 @@

    Zero-Knowledge Proofs

    methods cannot store information other than a DID document, which reduces the direct interoperability, substitutability, and cost effectiveness of - solutions that make use of rare or poorly supported features such as + solutions that make use of rarely or poorly supported features such as credential schema definition storage.

    From c539bca8f218e38ad07538ab6f51eb161e3bb001 Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Fri, 3 Dec 2021 18:55:03 -0500 Subject: [PATCH 08/11] Positively characterize prevalence Co-authored-by: Orie Steele Co-authored-by: Ted Thibodeau Jr --- index.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/index.html b/index.html index e457531..1984ff9 100644 --- a/index.html +++ b/index.html @@ -1303,10 +1303,10 @@

    Security Considerations

    - Consider support for legacy cryptography systems such as + Consider support for widely supported and historically prevalent + cryptography systems such as JOSE - and OpenPGP, - due to their prevalence in existing systems. + and OpenPGP.

    From 45d8529cbc7f5667d5038475e90643f9fe9bad44 Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Fri, 10 Dec 2021 11:13:35 -0500 Subject: [PATCH 09/11] Adjust key/identifier rotation encouragement Co-authored-by: Ted Thibodeau Jr --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 1984ff9..280ce83 100644 --- a/index.html +++ b/index.html @@ -1229,8 +1229,8 @@

    Avoid correlation

    DID method implementations are encouraged to rotate keys and - identifiers as often as possible, - to avoid correlation. + identifiers as often as practical, + to avoid compromise and correlation, respectively.

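Review bot: "to avoid compromise and correlation, respectively" overstates what key rotation achieves. Rotating a key does not prevent its compromise; it bounds the window during which a compromised key remains usable and limits the material signed under any one key. Suggest "to limit the impact of key compromise and to avoid correlation, respectively."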
    From 5b85935bde8c0e3b4a4da17c4054286bf460b0ee Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Fri, 10 Dec 2021 11:35:24 -0500 Subject: [PATCH 10/11] Add comma after link Co-authored-by: Ted Thibodeau Jr --- index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.html b/index.html index 280ce83..097e342 100644 --- a/index.html +++ b/index.html @@ -1405,7 +1405,7 @@

    Zero-Knowledge Proofs

    consider consulting the IETF document on - Pairing-Friendly Curves + Pairing-Friendly Curves, especially to ensure that appropriate embedding degrees are selected, and that the resulting equivalent bit characteristics are sufficient. From 009bb6a359cd996b720f9458fc632a1e99958d9a Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Tue, 21 Dec 2021 16:17:12 -0500 Subject: [PATCH 11/11] Reword sentence about tracking Co-authored-by: Ted Thibodeau Jr --- index.html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/index.html b/index.html index 097e342..a87bea3 100644 --- a/index.html +++ b/index.html @@ -1203,8 +1203,8 @@

    A DID method should avoid "phone home" or tracking characteristics that - would enable tracking of a user, without consent, by a third party - in manner not understood or authorized by the user. + would enable a third party to track a user, in a manner not + understood and/or not authorized by the user.