diff --git a/index.html b/index.html index 2ec7cde6..58bf5d33 100644 --- a/index.html +++ b/index.html @@ -2944,41 +2944,12 @@

Non-Repudiation

[=DID resolution=] process.
  • -The subject is monitoring for unauthorized updates as elaborated upon in -[[[#notification-of-did-document-changes]]]. -
  • -
  • The subject has had adequate opportunity to revert malicious updates according to the authorization mechanism for the [=DID method=].
  • -
    -

    Notification of DID Document Changes

    - -

    -One mitigation against unauthorized changes to a [=DID document=] is -monitoring and actively notifying the [=DID subject=] when there are changes. -This is analogous to helping prevent account takeover on conventional -username/password accounts by sending password reset notifications to the email -addresses on file. -

    -

    -In the case of a [=DID=], there is no intermediary registrar or account -provider to generate such notifications. However, if the [=verifiable data -registry=] on which the [=DID=] is registered directly supports change -notifications, a subscription service can be offered to [=DID controllers=]. -Notifications could be sent directly to the relevant [=service endpoints=] -listed in an existing [=DID=]. -

    -

    -If a [=DID controller=] chooses to rely on a third-party monitoring service -(other than the [=verifiable data registry=] itself), this introduces another -vector of attack. -

    -
    -

    Revocation in Trustless Systems