- From: Christopher Allan Webber <cwebber@dustycloud.org>
- Date: Mon, 27 Nov 2017 13:22:00 -0600
- To: Dave Longley <dlongley@digitalbazaar.com>
- Cc: =Drummond Reed <drummond.reed@evernym.com>, Melvin Carvalho <melvincarvalho@gmail.com>, "W3C Credentials CG \(Public List\)" <public-credentials@w3.org>
Dave Longley writes: > If every DID method supported this method of retrieval, DID resolvers > would become vastly more simple, interop would receive a significant > boost, and application developers could more easily embed these smaller > DID resolvers and focus on writing applications. Also, if we combine > this approach with the path resolution approach above, a DID resolver > that worked across all DID methods could be entirely implemented using > only HTTP for all HTTP-based service requests. > > Note that there may also be some economic opportunities for trusted > resolution services that could arise from this model. Joe, Manu, Dave and I had some conversations about this at the AirBnB but they never got recorded in a way that the rest of the group heard, so I should probably write that down. Say you want to retrieve a DID... how do you do it? You have three resolution methods: 1) Run a full node, of all DID methods you'd consider using. Definitely not feasible for most users. 2) Run a full node of one or a few DID methods. More feasible, but still not feasible for many users. Though as Dave says above, someone already participating in a DID method could do this at little extra cost... in fact, maybe even at some profit (see 4 & 5). 3) Don't run a full node yourself, but connect to a number of nodes over a general-purpose DID resolution service. Retrieve the same DID from several random nodes to have some level of reasonable assurance that the object you get back really is the object it says it is. Unfortunately, on its own, the economics of this may be fairly poor... a lot of leeching without an incentive to be a provider. (But someone would "step up" to volunteer for this? After all there are public DNS servers one can connect to...) 4) Have a trusted, probably paid relationship with some well known entity. You trust this entity, so they're hooked into the full system, and you just believe what they tell you, or rely on the proofs they distribute (however I think of the proofs for the methods using a blockchain require being a full node to be *really* sure... maybe less true for IPID) 5) Have a peer-to-peer resolution system speaking a common protocol where you can get "paid" to distribute correct DIDs. Filecoin may be inspiration here. One question I have with 4 (paid edition) and 5 is: we're selling DIDs pretty hard on being a system that everyone is able to participate in regardless of socioeconomic status. It seems to me from thinking through the above that we may be at risk of adding some significant level of expense to play, but it's not clear until we've actually built and tested such a system. On the upside: - #4 and #5 answer the "who pays for it" question nicely, which always gets asked - Participating in #4 or #5 should be pretty easy once you're already participating in the method, as I think Dave was trying to convey above - In #5 at least you could imagine being able to trade-your-way towards easier participation in the system. Perhaps there are lower-hanging-fruit DIDs (IPFS/IPID?) which provide less longevity guarantees but which are easier to retrieve and "trade up" for the systems that require holding a full node. What do people think? - Chris
Received on Monday, 27 November 2017 19:22:40 UTC