New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarification on what DIDs might identify #199
Comments
There are two ideas here. The first, yes, one should be able to use DIDs to identify subjects like the moon, e.t.c. which is especially useful for VCs. However, using a DID document to publish information about the subject is an anti pattern i actively discourage. IMO, a DID document should only contain information needed for secure interactions with the subject. We can't prevent people adding assertions that the moon is made of cheese, but it's really a violation of the moon's privacy' so let's not encouraged that. |
@jandrieu, just to clarify, though: while I agree that assertions about the details of the moon are an anti-pattern, it is acceptable to add a reference (I guess as a service) to a home page on the Web authoritatively describing the subject. (I use the 'authoritatively' in a loose sense; e.g. is to refer to my personal Web site, for example.) |
I agree with @jandrieu.
In principle, yes, but the same PII rules apply. In my view, I think which statements can/should be made about a DID subject in a DID Document largely depend on who can resolve the DID to get the DID Document -- and the nature of the system that stores these statements, including how it "forgets" such statements when desired. These two qualifiers could perhaps be summed up by saying "it depends on the DID method". For example, Veres One intends to disallow PII of this sort to be stored on its ledger, instead preferring to use a privacy preserving "ProxyService" endpoint. The proxy service endpoint would be expressed in the DID Document returned when resolving the DID, but it would not reveal PII about the DID subject itself. The service could, however, be used to retrieve more statements about the DID subject in a way that supports deletion and, potentially, authorization. It is here that additional services that may contain PII such as what you mentioned (home page on the Web) would be expressed. Either way, all statements about the DID subject (whether retrieved from the DID Document or an extension of it via the ProxyService) can all be collapsed into a single graph of statements about the DID subject -- and then passed to an application for consumption. |
Yes, you can have a service endpoint to get more information, but I believe that is a flawed approach. We can't keep people from doing it without removing service endpoints, which I do not believe is a viable option at this stage. However, turning DIDs into a lookup mechanism for details about subjects is a fundamental privacy problem. IMO, we don't need more directories that let anyone glean information, PII or otherwise. This information WILL be aggregated and it WILL be used improperly. In my professional opinion, the DID subject should ALWAYS be in the loop for any disclosure of information. We have zero mechanisms on the table for purpose binding and consent in the DID Document and while you could place that functionality behind a service, it still lacks the human in the loop unless, again, you create an extraordinary service endpoint far beyond what most have been discussing. Far better for individuals to ALWAYS explicitly share whatever information they choose to (and not sharing what they don't), using the DID infrastructure to verify the veracity of that information and the proof of control for authenticating as the subject. IMO, this is the proper best practice for protecting privacy, but I may well be a minority voice in this working group. |
I agree that a DID document should not be used to look up personal details of DID subjects. This issue is more to explore 2 ideas:
I'm wondering if it makes sense for the subject of a DID to be a JSON-LD context document; essentially using the did resolution process to retrieve some content that may or may not have any public keys or controller associated with it. |
For #1, that seems like a weird edge case. I believe all of the methods use keys to control the DID Document, which means that there ARE keys associated with the DID, whether they are in the document or not. I can create a DID for the moon and start issuing VCs either about the moon or "from" the moon. That's an interesting bit of fiction... and I look forward to the artist who takes up that task. What can never be known definitively is whether or not the controller of those keys is, IN FACT, the moon. IMO, any attempt to restrict this will be untenable. The only real option is to understand that the Subject isn't necessarily the Controller, and as such, what the Controller does may or may not legitimately represent the actions of the subject. DIDs can only ever be a single factor in what will need to be a multi-factor tapestry of identity proofing and authentication. For 2, we have two things. If the DID Document is its own subject, we have a recursive problem similar to http range 14. What I think we probably need is the ability to specify in a DID-URL that we are referring to the DID Document instead of the DID Subject. Then you can make VCs with the DID Document URL as a distinct thing from VCs about the DID Subject (which uses the naked DID). However, I don't believe it makes sense to be self-referential in regards to the subject. Is there a use case that you can describe for this? The second have of #2 is if the DID Document contains the DID Subject. That's also a bit weird. I think the same work-around as above would be appropriate, but I would need to understand the use case. Do you mean that a specific property (or set of properties) in the DID Document is somehow the Subject referred to by the DID? I'm struggling with out a concrete example, but I think the same DID-URL approach used for the entire document should work for part of the document, IF the scope of the Subject is describbale within the DID-URL syntax. For example, I don't currently see how you could specify multiple distinct properties within a DID Document in a single DID-URL. Use cases would help. |
I think we're miscommunicating. A "home page", "personal website", or "personal VC service" may contain PII in the URLs themselves. They are also "mechanisms for interacting securely with the DID subject". With the approach I outlined, DID methods that use DLT/blockchain tech can have a mechanism for discovering those service URLs (which can then be used to get access to more information with the appropriate consent, etc.) without running afoul of "the right to be forgotten" -- because the URLs themselves are not on the blockchain. Instead, a non-PII ProxyService that is on the blockchain enables you to get them from a non-blockchain service. I think this is an important and useful feature. I am not suggesting that the feature be abused to express your SSN. |
I understand the work-around. I still think it's the wrong approach. Using a DID registry as a white pages is going to cause harm. Full stop. I'm not talking about regulatory compliance, I'm talking about the structure of available information. Yes, people will still do it. Yes, people will get value out of giving out a DID URL that magically moves from service to service as their life evolves. Just like we get value out of having a public posting board at the local coffeeshop where businesses can post flyers. And who would blame individuals for wanting the same convenience? Sacrificing your privacy for convenience happens all the time. Heck, my address has been publicly linked to my name and companies my entire adult life. I get it. Doesn't mean I'm going to recommend it to my loved ones or clients. Nor do I think we should stop seeking an system that enables secure interactions without inviting wholesale loss of privacy. Creating a large scale identity architecture that invites all participants to publicly link service URLs and related information to a known identifier will create a medium for exploitation. And it will be exploited. It behooves us to find better options. |
This thread has moved quickly. I want to go back to @brentzundel 's original question:
My answer is absolutely yes. This has been assumed about DIDs since the very first version of this spec four years ago. In short, a DID can be use to identify "anything with identity". Period. I started the following simple diagram during our F2F meeting in Amsterdam last month: IMHO, this captures everything that needs to be said about the relationship of a DID Controller, a DID Subject, and a DID Document:
So the fact that a DID identifies a DID Subject that is not capable of interacting using cryptographic keys is immaterial for several reasons:
All of the above (and others I've probably missed) are possible, which is why everything is optional in a DID Document except the DID (because without a DID, you're not identifying anything at all). ADDENDUM No sooner did I finish this comment than what appeared in my email was a notification from W3C that Web of Things (WoT) Architecture is now W3C Proposed Recommendation. WoT is a perfect candidate for DIDs that identify things that may or may not have the ability to interact using cryptographic keys. |
From Drummond's comment, number 3 is what I was looking for. I know that this is allowed by the spec (everything is optional except ID), but I wasn't sure how palatable such an idea would be. For @jandrieu, an example of what a DID Doc might look like if it contained a JSON-LD
|
@brentzundel I'm curious about your |
It is something that was developed for this use case.
If a context document may be identified by a DID, then it might make sense
to allow it to be retrieved via a DID document.
…On Thu, Feb 20, 2020, 20:42 Drummond Reed ***@***.***> wrote:
@brentzundel <https://github.com/brentzundel> I'm curious about your
"subject": property above. Is that a proposed generic DID document
property for describing (vs. identifying) a DID Subject, or a crossover
from Verifiable Credentials, or something you developed for this use case,
or...?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#199?email_source=notifications&email_token=ACPFKPZTVRFVW3JEYCIK5S3RD5EQPA5CNFSM4KXMHSZ2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEMRM6EY#issuecomment-589483795>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACPFKP7DRUAMCF2BUFVWLQTRD5EQPANCNFSM4KXMHSZQ>
.
|
@brentzundel That makes sense to me. In fact it was @dlongley who originally convinced me that not only could a DID identify anything, but a DID document could describe anything. Originally I had thought that the DID document would just include a service endpoint from which you could get a description of a DID Subject. And that certainly can make sense if the description needs to be access-controlled in some way. But if the description is itself public information resource (like a schema or a JSON-LD context or a verifiable credential definition), then why not save a round-trip (and the extra protocol switching) and just have the DID Subject be contained within the DID document itself? What I like about the Lastly, it would be trivial for a DID resolver to be asked to return any DID Subject that was an information resource contained in a DID document using this approach. |
This solves the problem that I have been working on at Sovrin for over a year: how to identify immutable resources such as contexts, schemas, credential definitions, etc. in a way that is compatible with the DID resolution process. Matrix parameters were first suggested as a way to solve this problem; matrix parameters come with their own baggage. Using a DID to identify the digital resources and returning the resource within the DID document elegantly solves my use case. |
@ken-ebert That's exactly what I was thinking when I first saw Brent's example. As you recall, Ken, you and I spent an entire Rebooting the Web of Trust conference in Barcelona a year ago working on how to best solve the problem of using DIDs to address immutable content. In retrospect I'm not sure why we didn't see this solution—it strikes me now as one of those "blinding flashes of the obvious". |
@ken-ebert I don't think it solves that problem, because the DID Document is not itself immutable. You could refer to a context with a DID and then update the DID Document to contain different data. |
@ken-ebert I think the better way to handle this is just a service endpoint with a data: url. rather than data at the top level. So users can say did:example:123;avatar and get back the png given as an avatar because the service endpoint is defined as in this gist: https://gist.github.com/jandrieu/34c5b05cef5b01f80b9088b339de9798 Of course, you would use the actual context instead of a picture of me. This is a more generalizable approach to get what you want: storing context in the did document, without inventing anything new. Data: urls have been around a long time. A convention about what to name that service endpoint would be useful, but sticking a data property at the top level seems like putting an http resource in your DNS record. It's conflating two different parts of the layered architecture and may not work well with the other layers. |
@jandrieu Let me respectively disagree. It's not that there's anything wrong with a What I understand Brent and Ken are after is that the DID identifies the target information resource itself and nothing else. So the target information resource IS the DID subject. Putting the target information resource in the DID document as the body of the This approach also takes advantage of the fact that no other separate data repository is needed for the information resource. In other words, since a DID method must already be responsible for long-term persistence of DID documents, then why not also use that same persistent storage mechanism for an information resource identified by a DID? IMHO this gets to one of the key ways that DID architecture is different than DNS architecture. DID architecture is not only decentralized instead of federated, but DID documents can be self-describing. What Brent and Ken are suggesting is one way to take advantage of that self-description: take an immutable information resource and wrap it in a DID document so it becomes permanently addressable via that DID. |
|
@talltree I think the bigger issue is that the proposed addition changes the semantics of DIDs as URIs and URLs. You are essentially adding a default resource to return when a DID URL is dereferenced, which is something OTHER than the DID Document, depending on the presence of a special, optional property in the DID Document . Now you have two very different responses to dereferencing a DID, depending on the presence of a "data" element, but only if a service endpoint is also not defined, in which case, what happens remains TBD. IMO,
This proposal adds another level of complexity, despite the opportunity to achieve the same phenomenon with a service endpoint. In fact, if you don't like data: URLs, add a new type of service endpoint, perhaps "resource" which will return the specified property directly. Messing with what it means to de-reference a DID Url seems like the wrong way to get what you want. It adds unnecessary complexity without adding features that can't already be achieved. My strong advocacy here is that we should stop trying to do more with DID Documents by jamming new content into them. Rather, we should be minimizing what is in the DID Document to make interoperability more achievable. More is less and less is more. |
I guess this is related to the separate issue which has been bugging me since the face-to-face, see #183, in particular #183 (comment) ... |
This is almost correct. In fact, dereferencing a DID URL with a service part ( This is comparable to how HTTP redirects work. The browser tries to dereference the first URL, but it gets another URL instead of a representation of a resource. It then dereferences that second URL. See https://w3c-ccg.github.io/did-resolution/#dereferencing-algorithm for more details. |
I took the liberty of making a pull request to clarify what a DID identifies, see #213. "A DID identifies an entity that is capable of creating digital signatures, e.g. a natural person, a legal entity or an autonomous machine." Would this help this discussion about "Clarification on what DIDs might identify"? |
I've made comments in the PR and do not feel that it addresses this issue. |
@talltree Thanks for bringing this discussion to my attention. I'm sure @ken-ebert and @brentzundel would have brought it up in the next HL Semantics WG call for in-depth discussion. I'll put it down as an agenda item for the next Semantics call. |
Since the |
The type idea was very dangerous to section 10.4, Herd Privacy. https://www.w3.org/TR/did-core/#herd-privacy I think these representational issues don't belong in DID-core at all. Use of DIDs will sometimes never reveal a DID Document publicly, but Take everything else to a DID method. You even have an open world |
@rxgrant, I completely agree with your interpretation of what the spec is not supposed to be used for. With respect, this issue has nothing to do with identifying, sorting, or dereferencing people, and a solution for this issue which makes that possible or likely should not be pursued. This issue is about including an information resource within a DID document if the DID identifies an information resource. |
What's an information resource?
…On Mon, Nov 2, 2020 at 11:21 AM Brent Zundel ***@***.***> wrote:
@rxgrant <https://github.com/rxgrant>, I completely agree with your
interpretation of what the spec is not supposed to be used for. With
respect, this issue has nothing to do with identifying, sorting, or
dereferencing people, and a solution for this issue which makes that
possible or likely should not be pursued.
I share many of your concerns about possible misuse of DIDs, and feel
strongly that properties which compromise the privacy of individuals are
inappropriate within DID documents. I have never argued for an open world
model for DID Documents, and personally feel that public DID documents for
individuals should never be used. Nor have I ever argued for nor encouraged
database aggregation or crawling of DID Documents.
This issue is about including an information resource within a DID
document if the DID identifies an information resource. type was
introduced as a possible mechanism for doing so, and was rejected for its
privacy implications.
If you have similar, specific concerns about a representation property,
or other concerns about how it may be misused, please share them.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#199 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AABB4YPPBUAG7MBRNUNEFC3SN3MCJANCNFSM4KXMHSZQ>
.
|
some examples of information resources this issue is concerned with: #199 (comment) |
https://www.w3.org/2001/tag/doc/httpRange-14/2007-05-31/HttpRange-14#sec-information-resources WARNING: That document is a very deep rabbit hole, don't go down the rabbit hole. That particular rabbit hole has eaten decades of peoples lives... and it's still hungry. |
This might be a good thread to capture my suggestion: "Treat DIDs linked to
a VDR the way we treat Bitcoin addresses." on
https://docs.google.com/presentation/d/1RoE8E4y8S1j65EJaXZ8oihkduNbjTXXvdwtkzw961Xw/edit#slide=id.ga6aa7427ae_1_87
Based on this principle, a DID on a public VDR would say nothing more about
the result of dereferencing said DID than an address on that VDR does. In
both cases, the identifier is subject to a specified control structure and
is self-sovereign in the sense that it "can't be taken away." Under GDPR
and future privacy domains, we would treat the DID document as if it were,
for example, a smart contract on Ethereum.
…On Mon, Nov 2, 2020 at 1:42 PM Manu Sporny ***@***.***> wrote:
What's an information resource?
https://www.w3.org/2001/tag/doc/httpRange-14/2007-05-31/HttpRange-14#sec-information-resources
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#199 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AABB4YP6SF7G46FUXKFRIITSN34SPANCNFSM4KXMHSZQ>
.
|
There is a partial answer to this in #460. There isn't a specific solution to this yet. |
The specific solution will need to be raised in a PR. I will try to get one in. |
@dlongley Not sure what you might have been trying to highlight. I believe my concerns have already been stated in the comments here: DIDs can identify anything, but IMO we shouldn't enshrine DID Documents as delivery vehicles for resources. If methods want a resolver to return additional resources along with a DID Document, that is an entirely appropriate use of meta-data. So, what Brent is asking for could reasonably be met by defining a meta-data field that contains a representation of the resource. That would be fine. The devils will be in the details. So, I think we need a PR to get to specific language. |
I began a PR to address this, but got stuck. If I remember correctly, we've defined three buckets:
@jandrieu I'm not opposed to using metadata to deliver content identified by the DID as part of the resolution process, but which bucket should it go in? My mental model puts it in the DID Document because it is data about the DID Subject, but I understand the desire to keep DID Documents as simple as possible and not overload them. The options that I see for addressing this issue:
I'm also open to other ideas if anyone has some. |
-1 to option 2 (define a new metadata category). I'm pretty sure content identified by the DID belongs in the DID document (option 1). |
@peacekeeper I'm pretty sure that what is in the DID Document should be about how to interact securely with/on behalf of the DID Subject and not a transport mechanism for any resource(s) the DID might refer to. Seems to me that if--in addition to the DID Document--a representation of the DID Subject is returned by the resolver, then that is resolution metadata. That is, the resolver needs to communicate that its response includes a representation of the subject. Putting any attributes or representations about or of the DID Subject that is embedded in the DID Document undermines herd privacy. Remember, the DID refers to a DID Subject. It is not intended to be a URL for the DID Subject but a URI. Per 3986 the resolution process should return an "access mechanism and the appropriate parameters necessary to dereference a URI". That is what is in the DID Document. It is not the Subject itself. If the DID Method provides a way for a resolver to also return the resource itself, that would be dereferencing the DID rather than simply resolving it. I can accept that returning that resource in the same method call as the resolution is reasonable as Resolution Metadata, since in the resolution process should return the DID Document, not the resource. We could also define the API such that the resolution request specified dereferencing. In THAT case, if the DID can be dereferenced to a resource, dereferencing should return the resource instead of the DID Document, whether its from a DID-URL or from a DID of a method that is capable of returning the resource in the same step as returning the DID Document. With this representation property in the DID Document, resolution now is indistinguishable from dereferencing for those DID, which is both a layer violation and a herd privacy problem. TLDR: Resolution should return the DID Document, not the resource. But including the resource in resolution meta-data would address use cases like @brentzundel's. I'll repeat arguments I've made elsewhere to see if there is any support among us collaborators. The intention of DIDs was to provide a way to prove control over an identifier (using publicly verifiable data) without reliance on a trusted third party--a sharp break from all previous identification mechanisms. The use case described by Brent doesn't do that. did:schema doesn't do that. You cannot use did:schema to prove who controls that resource or the identifier. All you're doing is, at best, pointing to a static resource on a content-addressable network (which cannot be updated while retaining the initial DID). So, you can't even prove control over the identifier through ANY mechanism, not even by changing the DID Document: either the DID Document is deterministically generated from the DID (as in did:schema) so changing the Document requires changing the DID, or changing the DID Document would change the DID (as was discovered in early IPFS-based DIDs where the DID itself was a content-based identifier). You can't authenticate with did:schema. In short, those DIDs really should be CIDs, not DIDs. However, since we have failed to define what can and can't be a valid DID Method, we need to manage the presence of these outlier methods. That said, I have no problem with a resolution process that enables resolution and dereferencing in the same step, and DID Methods that support that. That seems to be the key goal in Brent's request. That would make it resolution meta-data. Another option would be to simply make "representation" a method-specific property. It certainly does not seem to have the broad-based support necessary to make it a core property. Do we have two different implementations of this? Or even multiple method definitions that intend to implement it? |
Where you're going with this @jandrieu is something that I think I can get on board with. In the case of the DID Document for did:schema would this still be a valid in your eyes?
And the Resolution object would be something more like this:
Note: embedding XML in JSON is not the point of the example and it's only there for accuracy of the example. In any case figuring how to handle that would likely need to be considered if the DID Doc Metadata was expected to be return in JSON, but we'll leave that for a separate concern in DID Resolution. |
We have already defined both "resolving" and "dereferencing":
Keep in mind that every DID is also a DID URL. Dereferencing a DID URL can potentially return a representation of a resource that is not the DID document; I think this is consistent with what you're saying @jandrieu . |
@peacekeeper Yes. That's correct. And so, if you put a representation in the DID Document, then you can no longer resolve a DID without also dereferencing it. That is the layer violation, because you can no longer distinguish resolution from dereferencing. |
The issue was discussed in a meeting on 2020-12-08)
View the transcript3. Issue 199See github issue #199. Brent Zundel: Possibly last of the issues that need to be discussed — at this point there are a few changes on how we could move forward
Brent Zundel: Let's time box to 10 minutes to briefly discuss the issue — clarification of what DIDs might identify Manu Sporny: could you outline a concrete use case? I believe it is something like you have a schema that has a DID associated with it and you want to return the schema and not the DID document, but I might be misunderstanding? Brent Zundel: Yes, we have an information resource that is a schema identified by DID — it is the DID Subject, resolution of DID would like DID Subject returned in addition to information returned in DID Document... important to see who controls the subject, and that is information representation in DID Document... initial attempt was content property, which then turned into representation, then type, which turned into a bad idea... how can we do this? Adrian Gropper: I see this as a pure authorization problem. I know there's been discussion about this over the weekend... see this entirely as an authorization issue. Jonathan Holt: How do we do this w/ authorization? In IPID method, create submethod name, schema, same thing when you resolve DID Document, you can also resolve schema... ipid:schema: ... that's how we were going to handle it — how can we do this w/ authorization? Markus Sabadello: I'd be opposed to allowing resolution of a DID — resolution not dereferencing, when you resolve a DID you can't get anything other than a DID Document.
Markus Sabadello: I would be open to saying that you resolve the DID and you get a DID Document, and that has a property that contains the subject... when you dereference a DID, you could get something other than the DID Document... we shouldn't change basic assumption, when you resolve a DID you get a DID Document. Joe Andrieu: It's important to be able to resolve w/o dereferencing — this property wouldn't allow that when it's used... that seems to be a layer violation... could have impact on herd privacy. We should allow resolution as a distinct step from dereferencing. Brent Zundel: good feedback Drummond Reed: I was going to ask why Adrian thought this was an authorization problem? Brent Zundel: It sounds like, of the options we went through — Joe is uncomfortable w/ option #1... wondering now about option 3 - as part of resolution input metadata, the entity resolving DID — also give me Information Resource identified by it, option 4, did parameter that is a URL that could be dereferenced to retrieve DID subject. Adrian Gropper: the explanation is — entirely consistent w/ resolution should be separate from dereferencing... DID Document is a public document in general... as far as spec is concerned, we should consider it to be public — therefore, distinction between dereferencing needs to be protected by authorization step. Markus Sabadello: Small modification about option 3- input metadata property to request DID Document or DID Subject... if we could change that to "dereferencing input metadata" resolving never returns anything other than DID Document... parameters or metadata properties --- dereference the did, metadata property, could return something other than DID Document... not mutually exclusive w/ option #4. Ivan Herman: Listening to that, I don't understand the use case. Brent Zundel: #1 — return the file. Ivan Herman: Sounds like a narrow use case. Brent Zundel: A large community cares about this use case. Drummond Reed: Two quick points - as an editor, huge mistake to assume DID Document is public... we should make sure we cover that case, but there are thousands of use cases for DID Documents that are private — shared between peers... so to impose on the spec that all DID Documents would be public.
Drummond Reed: Interested in a parameter for requesting dereferencing — all for resolution, but if you want for efficiencies sake, compose URL that ask for dereferencing — that's option #4. Brent Zundel: We have a minute left and then we need to move on... Excellent feedback so far. Manu Sporny: veres one has a use case where we store capabilities on ledger, in veres one the DID doc is a capability itself. We have explored other things being stored in DID docs that are kind of like the use case brent outlined
Joe Andrieu: regarding Drummond's comments — public vs. private — important thing isn't "all did documents are public"... rather, "herd privacy requires they be indistinguishable"... properties unique to subject can cause problems w/ herd privacy.
Ivan Herman: I understand the use case and accept it — maybe this is what Joe was saying — there is a layering issue... the method, as far as DID is concerned, does resolution and returns DID Document... but there is DID URL, which is different thing... method stores something other than DID DOcument, so you want to give separate access to other information — those two things are very different... I'd use a different access mechanism... DID URL might be the different tool for this... “I don't resolve now, I use other functionality”, these two things shouldn't be mixed.
Markus Sabadello: we already have scenarios where dereferencing a DID URL returns something other than DID Document, service selection, for example — not a new idea. Brent Zundel: Ok, that helps, will move on to issue processing |
Just read through the comments on why we might want this functionality. One of the core ones that I've been thinking it would be useful for would be to publish a revocation object (from rl-status-2020) to a ledger such that it can be resolved later. An example of this would be if did:example:123 is resolved the returned "DID Document" (It's by definition a did document, but it definitely steps outside the original intent of the DID Document) would be:
In this case, the DID Subject would be the RevocationList2020Credential and the DID Controller would be the DID defined in the the Of note, the language in the VC Data Model |
This revocation issue goes back three or four years to the Healthcare
(Prescription) Use Case https://w3c.github.io/did-use-cases/#prescriptions
If the prescription is coded as a VC, it needs to be revocable by the
issuer (the doctor when they write another prescription) AND by the
pharmacist when they dispense the prescription. I guess the time has come
to deal with this.
…On Tue, Dec 8, 2020 at 5:26 PM Kyle Den Hartog ***@***.***> wrote:
Just read through the comments on why we might want this functionality.
One of the core ones that I've been thinking it would be useful for would
be to publish a revocation object (from rl-status-2020) to a ledger such
that it can be resolved later. An example of this would be:
If did:example:123 is resolved the returned "DID Document" (It's by
definition a did document, but it definitely steps outside the original
intent of the DID Document) would be
{
***@***.***": [
"https://www.w3.org/2018/credentials/v1",
"https://w3id.org/vc-revocation-list-2020/v1",
"https://www.w3.org/ns/did/v1"
],
"id": "did:example:123",
"type": ["VerifiableCredential", "RevocationList2020Credential"],
"issuer": "did:example:456",
"controller": "did:example:456",
"issued": "2020-04-05T14:27:40Z",
"credentialSubject": {
"id": "https://example.com/status/3#list",
"type": "RevocationList2020",
"encodedList": "H4sIAAAAAAAAA-3BMQEAAADCoPVPbQsvoAAAAAAAAAAAAAAAAP4GcwM92tQwAAA"
},
"proof": { ... }
}
In this case, the DID Subject would be the RevocationList2020Credential
and the DID Controller would be the DID defined in the the controller
property. When the controller wishes to update the
RevocationList2020Credential (say to revoke a credential in the
encodedList) they would submit an update to the VDR which would include the
new encodedList value and it would be signed by a verification method
from the "assertionMethod" verification relationship in did:example:456's
DID Document. It's also possible that the "issuer" and "controller" could
be inferred to be the same and as such the controller property could be
dropped, but that felt less semantically precise given the case where the
issuer is different than the controller because the controller is the
publisher of the RevocationList2020Credential and the issuer is the signer
of the actual credential.
Of note, the language in the VC Data Model The value of the @context
property MUST be an ordered set where the first item is a URI with the
value https://www.w3.org/2018/credentials/v1. would likely be in conflict
with the language in the DID Core spec An INFRA list, with first item the
INFRA string https://www.w3.org/ns/did/v1, and subsequent items of type
INFRA string or INFRA map. So we'd need to update one of those normative
statements to make this possible.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#199 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AABB4YO3NUQBZDA3PD2V543ST2R2BANCNFSM4KXMHSZQ>
.
|
This PR is waiting on PR #460 to be merged and this issue will be closed after that PR has been merged. |
PR #460 has been merged, closing. |
I think there is agreement in the group that DIDs may be used to identify entities such as people, agents, IoT devices, etc.
What about using DIDs to identify things that are incapable of interacting using cryptographic keys? What if there is no controller property or public keys at all? Could a DID document simply contain, or point to, some content?
Could the following have DIDs?:
Apologies if this is a re-hash of an already concluded conversation. I searched but did not find.
The text was updated successfully, but these errors were encountered: