>> How do you plan to deal with the large number of DID methods? >> Standardization of many of the DID methods has not been finished and >> they appear to have vastly different security properties, even for the >> most basic DID methods like did:web and did:key. It sounds difficult to >> accomplish interoperability in such a flexible system.
Hi Hannes thanks for raising this point. The did_methods extension proposed in the I-D is intended to carry the list of supported DID Methods that a TLS endpoint supports to resolve the peer's DID. In our opinion, the DLT-based DID Methods that conform to the DID core [1], and store a DID Document that expresses at least one verification method of type authentication, are candidates for use in the IoT use case. DID Methods that meet this set of minimum requirements (to be agreed upon and reviewed) should be entered into a registry and assigned to a range of values for "Experimental Use" in an early stage to encourage interoperability experiments. [1] https://www.w3.org/TR/did-core/ Best regards, Leonardo Perugini
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
