Are ILP Addresses tied to identity at all? Are they Ephemeral?

For the longest time I’ve had this rule in my head that ILP addresses only exist to aid in routing decisions, and should never be user-facing and should never be tied to identity in the Interledger.

I recall @justmoon or somebody also once saying that ILP addresses should be considered ephemeral, and that they might change at any time (after all, ILP addresses are fundamentally used for making routing decisions).

Did this get negated in our Secure Routing session at the ILP summit? I’m trying to form an opinion around whether or not an ILP address should be tied to peer-wise identity at all…or for that matter Interledger-wide identity.

For example, does it makes sense to make an ILP address the subject of an x.509 certificate, and authenticate a connection between two peers where each peer sees the other as being identified by an ILP address?

Or more broadly, should there be an ILP-wide CA that vouches for identity on the Interledger?


Hi, All!
I’ve just arrived, I hope I will not be driving anyone to an wrong direction.
The issue is very important since there is that GDPR legislation that states that the subject identity shouldn’t be tracked, but in the other hands, the expected effects from a transaction would make necessary to record some identities from the parties for some period. There comes the dilema.
But, what if we consider that, in real life, we do similar money transactions in a bank, in more than one manner, and after all we don’t keep those proofs of transaction in paper forever. We do keep them for a while, but as soon as one do his cleanup at home, he garbage those papers holding identities.
Now, back to the original matter, we should probably think on the same way: We are humans, we may make mistakes, but we don’t want to deal with money from people and make them lose money due to our mistakes. Then there is this tendence to keep some records for a certain while.
I hope I am not giving another way to the discussion, guys. The subject interests me a lot.

Oh, finally, I would like to present this answer to the last question of @sappenin : Yes, buddy, I would strongly recommend the employ of a CA issuing certificates to both parties.
But I am kind of sure, by faith (since I’ve just step in), that Interledger already has such thing.