DID key rotation (NFR004) #36

Open
5 of 32 tasks
bluesteens opened this issue Apr 26, 2023 · 2 comments
Labels
enhancement New feature or request Steering - Review Proposal and Completed work must be reviewed by Steering.

Comments

@bluesteens
Member

bluesteens commented Apr 26, 2023

Steering: Proposal Summary

This is for the Steering work START approval step. Discuss the proposed work or change.

Should DID key rotation be based on usage frequency or a fixed time period? A key that's used more frequently can cause more harm in the wrong hands. Thus, usage-based rotation might add more security to the overall system.


see NFR004

current requirement:

keys SHALL be rotated no less often than once every 12 months

Should we consider usage-based key rotation in addition to or instead of time-based rotation?


Steering: Publication Summary

Discuss the work that was completed in reference to the above proposal. Include any differences from the proposal and why.


  • Is Issue appropriate for OCI Architecture
  • Create Steering-level Summary of request
  • Assign Size
  • Assign Priority
  • Assign Label (if needed)
  • OCI affected Artifacts Identified
  • Assign Triage - Artifact Version Target (v x.x.x Milestone)
  • Assign Triage - Interop Profile Version Target (v x.x.x Milestone)
  • Create sub-project (if needed)

Affected Parties (help determine Sunrise/Sunset):

  • Trading Partners
  • Issuers
  • Wallet Solutions
  • PI Verification Solutions

Affected OCI Artifact

  • Schema Document
  • Identity Schema
  • ATP Schema
  • Issuer Conformance Criteria
  • Wallet Conformance Criteria
  • VRS Solution Conformance Criteria
  • Wallet API Specification
  • Governance Document
  • Conformance Program
  • OCI Website
  • Internal Process

Change Category (Guides Steering Review)

- Steering/Industry Review

  • Business-Level (May affect business operations)
  • OCI Governance, Policy or website feature

- Steering/Industry Notification

  • Technical-Level (Does not affect business operations)
  • OCI Internal Process or Infrastructure

Communication

  • Website
  • Newsletter
  • email:
  • Other:
@bluesteens bluesteens added the enhancement New feature or request label Apr 26, 2023
@bluesteens
Member Author

bluesteens commented May 10, 2023

Should this be a DID holder decision? But OCI recommends offering both rotation methods.

@rceleste125 rceleste125 added the Steering - Review Proposal and Completed work must be reviewed by Steering. label Jul 17, 2023
@bluesteens
Member Author

Mtg July 27:
Rejected, as it seems overengineered. Key management systems could cater sufficiently for the recommended level of security;
refer to comments in #30.

Projects
Status: Done - Rejected
2 participants