Open
Description
A DID resolve always queries the database, since they're not cached server-side. Although it's a relatively cheap operation, it's an unauthenticated API call (which literally anyone can do), so there's a small DoS risk in there. This can be mitigated by caching the DID document server-side, either by building it into the Nuts node (meh) or having a reverse proxy cache the DID documents.
Note that the Nuts node's did:web resolver already cached DID documents.
Update: this also applies to the Discovery Service.
Metadata
Metadata
Assignees
Labels
No labels