2017-09 DID Spec Bug Triage

[msporny]

I'm putting together a triaged bug list that hopefully walks us through the issues in a way that generates solutions to the low level problems before tackling the higher-level ones. Here's the suggested order:

1. Proofs or signatures?
   • Insight for DID spec: proofs, not keys #15: proofs, not keys
2. Capabilities security model?
   • Do we need to adopt a capabilities-based delegation model? #11: capabilities-based delegation model
   • Should keys describe what they are used for? #10: should keys describe what they are used for?
   • Change owner to publicKey #4: ambient authority w/ 'owner'
   • "Proof of Authorization to Update" vs "Proof of Control" did-method-v1#1 (comment): separation of concerns
3. How are DID-based authentication credentials specified?
   • "Proof of Authorization to Update" vs "Proof of Control" did-method-v1#1 (comment): authenticationCredential field
4. How is DID Document update authorization specified?
   • control should not include boolean logic #6: boolean logic in control field
   • "Proof of Authorization to Update" vs "Proof of Control" did-method-v1#1 (comment): authorization field
   1. Determine how guardianship is supported
      • Is the guardian field duplicating functionality provided by the control field? #8: guardian field duplicates control field?
      • "Proof of Authorization to Update" vs "Proof of Control" did-method-v1#1 (comment): authorization field
5. Determine how Verifiable Claim issuance is done from a DID Document.
   • "Proof of Authorization to Update" vs "Proof of Control" did-method-v1#1 (comment): how to issue?
6. Determine how services are listed
   • service should not exist, rather a set of services #7: remove service field

[msporny]

This is a meta issue that's old. All of these issues have since been addressed. Closing.