You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
global var1 = memoryLocation(0x11111111)
callerFunction() => {
const booleanResult = function1(var1); // should return false because function1 negates it
expect(booleanResult).toBe(false);
}
function1(fnVar1) => {
!function2(fnVar1);
};
function2(fnVar2) => {
return fnVar2 === var1; // should return true because the memory locations match
}
The use case where I'm imaging this would be used is did:example:conglomerate is a business conglomerate with did:example:business-unit being a business unit of did:example:conglomerate. And did:example:sub-division is a sub-business division of business unit, did:example:business-unit.
What this means is that did:example:bussiness-unit can sign on behalf of did:example:conglomerate without did:example:conglomerate not needing to directly reference every key managed by it's sub-divisions of it's various business units.
However, there's an implicit trust relationship between did:example:conglomerate and it's reference to did:example:business-unit#key2. For example, an attacker could compromise did:example:business-unit and point #key2 to did:example:malicious-attacker#key1 and now malicious-attacker key1 can be used to sign on behalf of did:example:conglomerate.
This is similar to booleanResults expected function1 contract that it will return false because it's negating the result of function2. If it were to stop negating function2, then the logical expectation in the callerFunction would fail.
Should this be allowed?
I tend to lean towards the answer is "No, it shouldn't be allowed" because the implicit trust relationship will be abused at some point and keys will be able to falsely represent did subjects. If others agree with me, then we don't need to make any changes to the specification and this can be close. However, the flip side is multi referencing keys enables easier management of did-documents which can be a very powerful feature. I'm curious, where do others land on the topic?
@dlongley or @msporny I suspect you guys may have thought through this case already because I see JSON-LD examples that do the direct referencing use cases in the spec.
The text was updated successfully, but these errors were encountered:
Original issue was authored here: w3c/did-core#301 Migrating the issue to here because this is where it should be properly addressed.
Imagine we've got the following did document structures:
and did:example:business-unit did Document looks like this:
and did:example:sub-division did doc looks like this:
This is essentially the same as this pseudocode:
The use case where I'm imaging this would be used is did:example:conglomerate is a business conglomerate with
did:example:business-unit
being a business unit ofdid:example:conglomerate
. Anddid:example:sub-division
is a sub-business division of business unit,did:example:business-unit
.What this means is that
did:example:bussiness-unit
can sign on behalf ofdid:example:conglomerate
withoutdid:example:conglomerate
not needing to directly reference every key managed by it's sub-divisions of it's various business units.However, there's an implicit trust relationship between
did:example:conglomerate
and it's reference todid:example:business-unit#key2
. For example, an attacker could compromisedid:example:business-unit
and point#key2
todid:example:malicious-attacker#key1
and now malicious-attacker key1 can be used to sign on behalf ofdid:example:conglomerate
.This is similar to booleanResults expected function1 contract that it will return false because it's negating the result of function2. If it were to stop negating function2, then the logical expectation in the callerFunction would fail.
Should this be allowed?
I tend to lean towards the answer is "No, it shouldn't be allowed" because the implicit trust relationship will be abused at some point and keys will be able to falsely represent did subjects. If others agree with me, then we don't need to make any changes to the specification and this can be close. However, the flip side is multi referencing keys enables easier management of did-documents which can be a very powerful feature. I'm curious, where do others land on the topic?
@dlongley or @msporny I suspect you guys may have thought through this case already because I see JSON-LD examples that do the direct referencing use cases in the spec.
The text was updated successfully, but these errors were encountered: