Add suggestion on how malicious issuers can be detected. #161
Conversation
msporny
requested review from
npdoty,
dlongley,
jandrieu,
longpd,
iherman,
dmitrizagidulin,
TallTed,
David-Chadwick,
brianorwhatever,
decentralgabe,
brentzundel and
KDean-GS1
index.html
Outdated
| cryptographic key for every credential issued that is tracked in a status list. | ||
| This sort of collusion can be detected by [=holder=] software by detecting | ||
| if the global identifiers used within a [=verifiable credential=] are shared | ||
| by other credentials. [=Holders=] could then be warned when presenting a |
There was a problem hiding this comment.
Sorry but I do not follow this. Assuming most holders only get a single credential from each issuer then how is this possible? Furthermore even if they obtain multiple credentials from one issuer, then it is unlikely they will all have the same unique identifiers in them.
There was a problem hiding this comment.
An individual holder (a user of holder software) is not expected to be able to do this, but holder software (that services multiple holders) potentially could. As an example, holder software could offer an opt-in tool that could perform this analysis across multiple holders and report back its findings.
There was a problem hiding this comment.
And which users are going to trust holder software that is shared by multiple users and that scans the wallets of multiple users?
There was a problem hiding this comment.
And which users are going to trust holder software that is shared by multiple users and that scans the wallets of multiple users?
Most of them, I'd expect. Most people accept this kind of analysis from the most popular Web browsers, probably often without knowing it. Hopefully wallet providers will do better, especially when it is easier to provide alternatives (that don't do it at all) than it is to compete in the browser market.
There was a problem hiding this comment.
Are you saying that web browsers scan a user's PC and converse between themselves about the contents? (as this is the scenario that you are proposing for wallets). If so, it surprises me, as I was not aware of this.
There was a problem hiding this comment.
@David-Chadwick, @dlongley — Please pick up this thread below, following the suggestions I first made based on the thread above and then modified based on reactions from @David-Chadwick
There was a problem hiding this comment.
@TallTed, the text below looks ok to me modulo the change from "unique" to "shared" ... I'll comment down there on that.
Are you saying that web browsers scan a user's PC and converse between themselves about the contents?
I'm not implying anything as specific as "scan a user's PC", but rather, that some Web browsers (and some search engines) collect information based on your behavior and various inputs, aggregate it with information from other users, and send it somewhere for analysis, yes.
|
@msporny — Could you merge the suggestions that have no argument, so the remaining suggestions are clearer to review? |
Co-authored-by: Ted Thibodeau Jr <[email protected]>
|
I think the updated language is fine. Requesting a re-review from @TallTed and @David-Chadwick just to be sure. I'll merge after I get confirmation from both of them that the new language meets their concerns. |
Co-authored-by: Dave Longley <[email protected]>
Co-authored-by: Ted Thibodeau Jr <[email protected]>
|
Editorial, multiple reviews, changes requested and made, no objections, merging. |
This PR attempts to address issue #143 by adding guidance on how holder software can detect malicious issuers that inject tracking identifiers into their credentials.
/cc @zoracon
Preview | Diff