You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Its possible to use the .well-known/did-configuration to expose DIDs for the domain, that are "Company" DIDs, but its also possible for it to be "Customer" DIDs, or user DIDs...
The question here is about providing guidance on what kinds of DIDs should be associated with a domain.
It seems like we should take an authoritative stance, that this uri is not to be used for customer or user account/ user agent / wallet DIDs.
I suggest we add some specific language to the spec advising domain controllers to not automatically register DIDs on behalf of domain users here.
If that is a desirable feature, I believe it should be exposed using webfinger instead, since that is a well known uri that is built for discovering users of a domain.
Its possible to use the
.well-known/did-configuration
to expose DIDs for the domain, that are "Company" DIDs, but its also possible for it to be "Customer" DIDs, or user DIDs...The question here is about providing guidance on what kinds of DIDs should be associated with a domain.
It seems like we should take an authoritative stance, that this uri is not to be used for customer or user account/ user agent / wallet DIDs.
For an analogy, if we're talking about twitter:
https://twitter.example.com/.well-known/did-configuration
Would hold DIDs for the company twitter, but NOT twitter users.
The text was updated successfully, but these errors were encountered: