UCAN

FAQ

Is UCAN secure against person-in-the-middle attacks?

UCAN does not have any special protection against person-in-the-middle (PITM) attacks.

Were a PITM attack successfully performed on a UCAN delegation, the proof chain would contain the attacker's DID(s). It is possible to detect this scenario and revoke the relevant UCAN but does require special inspection of the topmost iss field to check if it is the expected DID. Therefore, it is strongly RECOMMENDED to only delegate UCANs to agents that are both trusted and authenticated and over secure channels.

References


Backlinks