The NTIA SBOM initiative discussed the potential use of uri’s based on an IANA registered dns syntax
"SupplierID": "dns:reliableenergyanalytics.com" Thanks, Dick Brooks Active Member of the CISA Critical Manufacturing Sector, Sector Coordinating Council – A Public-Private Partnership <https://reliableenergyanalytics.com/products> Never trust software, always verify and report! ™ <http://www.reliableenergyanalytics.com/> http://www.reliableenergyanalytics.com Email: <mailto:d...@reliableenergyanalytics.com> d...@reliableenergyanalytics.com Tel: +1 978-696-1788 From: SCITT <scitt-boun...@ietf.org> On Behalf Of Orie Steele Sent: Thursday, June 8, 2023 11:22 AM To: da...@ietf.org Cc: jacques.lat...@cira.ca; uta@ietf.org; scitt <sc...@ietf.org> Subject: Re: [SCITT] Leveraging DNS in Digital Trust: Credential Exchanges and Trust Registries Original thread: https://mailarchive.ietf.org/arch/msg/dance/g0eSMxmZzb1ucsFtgkVkICV5Hh8/ I read https://www.ietf.org/archive/id/draft-latour-dns-and-digital-trust-00.html <https://www.ietf.org/archive/id/draft-latour-dns-and-digital-trust-00.html> Previously I had read: - https://datatracker.ietf.org/doc/draft-mayrhofer-did-dns/ - https://identity.foundation/.well-known/resources/did-configuration/ (I'm co-author) I don't understand the role that "example-issuer.ca <http://example-issuer.ca> " is playing in these records. Why is there a need to structure the record "key" to include CA information? Is https://datatracker.ietf.org/doc/draft-ietf-uta-rfc6125bis/ relevant to this conversation? I wanted to share some related work, from BlueSky: They support linking https://www.w3.org/TR/did-core/ to specific domains, this allows for the natural control of a domain to be used to establish the natural authority of an identifier, For example: dig -t txt _atproto.wyden.senate.gov <http://atproto.wyden.senate.gov> | grep 'did=' | grep -o '"did=.*"' | jq -r 'split("=")[1]' https://github.com/w3c/did-spec-registries/pull/515 I would like to see a standard way to link decentralized identifiers to domains documented somewhere at IETF. Including UTA & SCITT in case there are folks with relevant comments. Regards, OS -- ORIE STEELE Chief Technology Officer www.transmute.industries <https://transmute.industries/>
_______________________________________________ Uta mailing list Uta@ietf.org https://www.ietf.org/mailman/listinfo/uta
