| Summary: | Proving that an <italic>endpoint</italic> (e.g. URL, telephone number, etc.) is controlled by a <italic>subject</italic> is crucial in many applications. In the web, this is witnessed by the widespread adoption of HTTPS. In centralized architectures, this task is usually carried out by trusted <italic>certification authorities</italic> (CAs). In decentralized applications, for example based on blockchains, or for self-sovereign identity management (SSI), it would be desirable to perform these checks in a decentralized way, relying on the collective behavior of a society of individuals rather than on a single trusted entity. In any case, the result should be a widely usable certificate, as in the centralized CA case. In this paper, we show two blockchain-based methods to prove the association between a subject and an endpoint in a decentralized manner. Our methods are compatible with a wide variety of endpoints and contribute to fill the gap of the current SSI approaches with respect to decentralization. We analyze the security of our proposal and provide a proof-of-concept implementation. We also evaluate performances, costs, and compatibility with current standardization efforts about SSI.
|
|---|