My purpose in this post is to explore a way to make Sovrin usable quickly once the MVP network is available. Comments welcome.
Phil, I think this is a terrific use of Sovrin and specifically of the ability of DIDs and DDOs to provide the current public key for a GPG contact. I can’t wait until we can implement the whole stack. I’d love to hear other’s thoughts about it.
I have a question regarding key rotation…
If a given entity rotates its keys while retaining its DID for other parties to be able to contact it, what happens to all the claims that have been signed with the old keys? Would the entity in question need to re-make and re-sign all of its claims everytime keys are renewed?
My understanding is that, because of the additive nature of the ledger, outdated DDOs - hence, outdated pub keys - will never be overwritten, so a mechanism could be devised for the verifier to get the old keys together with the most recent one.
However, I concur it is unpractical to check the claim signature against 100 old keys. One option could be to include the reference to the correct version of the DDO into the signature (via a signed attribute).
This approach resembles a common practice in digital signature, where the X509 certificate is embedded into the signature. The certificate (i.e., a signed binding between a key and an entity) would be replaced in this case by the proper DID-DDO association in the ledger.
Luca, that’s a great suggestion, and the same thought I was having as I read Carlo’s question. However that requires that a particular version of a DDO be uniquely addressable in the ledger. That’s not currently a requirement in the DID Implementer’s Draft 01 spec.
All transactions in the ledger have a sequence number. Think of it like the analog of RowID in old, familiar RDBMSes. If you can point to the transaction associated with a DDO by its sequence number, then looking up that DDO should be very efficient.
Great answer, @danielh! Is it easy for a developer to grab the sequence number for a DDO the first time they look it up?
Also, for my own edification (and for the next version of the DID spec, where I’m thinking we should add a section about DDO revision tracking), what’s the exact format of a Sovrin sequence number?
I believe a sequence number is just a 64-bit unsigned integer. And yes, the sequence number associated with a particular version of a DDO (as recorded in a particular transaction) is communicated. The most common operation against the ledger, by a factor of 10x over all others, will probably be a lookup of the current verification key for DID x. We expect this query to often be framed as “I have version 12345 of the DDO for DID x; if that’s not current, what’s the new DDO content and sequence number? And oh by the way, prove to me that this answer is true.” The “12345” in that description would be the sequence number, and by allowing the question to be asked this way, we make it possible to optimize the answer by (90+% of the time) returning a proof that nothing has changed. The alternative would be to always return the current DDO plus a proof, which would be far more expensive.
@danielh I nominate that as the best answer on the Sovrin Forum in 2017! (It doesn’t matter that the the year is only a few days old )
It really underscores why the Sovrin ledger is optimized for DPKI (Decentralized Public Key Infrastructure). For anyone who hasn’t read the Rebooting the Web of Trust paper on DPKI, I highly recommend it.
Here is an interesting and relevant paper by guys at Johns Hopkins and Rome Sapienza: From Pretty Good to Great: Enhancing PGP Using Bitcoin and the Blockchain