Re: DID Spec "Hardening" Proposal (was: Re: DID PR review deadline: October 24) from Timothy Holborn on 2017-10-24 (public-credentials@w3.org from October 2017)

From: Timothy Holborn <timothy.holborn@gmail.com>
Date: Tue, 24 Oct 2017 07:51:02 +0000
To: "=Drummond Reed" <drummond.reed@evernym.com>
Cc: Credentials Community Group <public-credentials@w3.org>, Manu Sporny <msporny@digitalbazaar.com>, Christian Lundkvist <christian.lundkvist@consensys.net>
Message-ID: <CAM1Sok3ZxupqUnTLVJkqv6BzYbsrYi8cm9kZ_pwDQdy9Yd=NsA@mail.gmail.com>
looks good.

I've been working on 'upping the ante' and believe it is important you (we
all) are involved.  IMHO we have alot of stakeholders and we'll need to
ensure we're equipped, as to be inclusive in these decision making
processes.

Q:  does a bridge mechanism exist for DIDs to URIs?  i see "
https://hub.example.com/.identity/did:example:0123456789abcdef/" which
suggests it does...

note also (fyi): https://github.com/matrix-org/sydent

*"If you want your server to participate in the global replicated Matrix ID
service then please get in touch with us. Meanwhile, we are looking at ways
of decentralising the ‘official’ Matrix identity service so that identity
servers are 100% decentralised and can openly federate with each other.
N.B. that you can use Matrix without ever using the identity service - it
exists only to map 3rd party IDs (e.g. email addresses) to matrix IDs to
aid user discovery." *  Source: https://matrix.org/docs/guides/faq.html
which in-turn suggests, it might be a good POC target....

FWIW; i'd like to see the broader 'internet stack' get involved in these
sorts of 'problem solving' exercises.  I have been working on a plan around
how to produce a suitable environment to do so, respectfully to all
involved (whilst both unfortunately, and with difficulty - sometimes not
expressed in the best possible way).  IMHO: we cannot value economic
success upon our ability to provide others means of humanity.

We're best placed, by economically benefiting through the virtue of having
done so freely (or moreover, at our own expense).  Overall, i think this
stuff changes the topology and i'm very wary about how we do that, even
within this very small community (who seeks to influence the life of
billions of people; and the environment for which they / we - collectively
influence as a species).  IMHO stepping stones are reasonable assertions as
milestones to a defined pathway; yet, i'm not sure we've done that.  If we
have, please send me a URI...

Will put my 'did' at ease ;)

with best wishes.

Tim.H.

On Tue, 24 Oct 2017 at 18:01 =Drummond Reed <drummond.reed@evernym.com>
wrote:

> Folks,
>
> The good news was that there was a TON of interest in the DID spec at Internet
> Identity Workshop <http://www.internetidentityworkshop.com/> #25. I gave
> three complete presentations on it and we had several other related
> sessions.
>
> The bad news (well, not really) is that there was a ton of feedback.
> People are really starting to care deeply about making sure the DID spec,
> as the foundation for a global DPKI (decentralized public key
> infrastructure
> <https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust/blob/master/final-documents/dpki.pdf>),
> is solid as a rock.
>
> On the Friday after IIW I had a long breakfast with Christian Lundkvist
> of uPort where we discussed this and developed a proposal for how to handle *key
> descriptions* and *service descriptions* in a data graph so simple it can
> be serialized unambiguously in any modern format. Yesterday I wrote up this
> proposal in this Google doc
> <https://docs.google.com/document/d/1amDNmBqu8uXKeEqdoZ2RMaaxiUlqUKyKoyi8YgGWG6M/edit?usp=sharing>
> (publicly viewable by anyone with the link).
>
> This proposal also includes the recommendation that interoperability at
> the DID layer is so crucial that *every key description* and *every
> service description* should have a corresponding spec (even if fairly
> lightweight).
>
> I have not had a chance to share this with Manu or anyone else yet
> besides Christian (to make sure I got it right) and the Evernym DID team
> (as a sanity check and to get input on how it helps with DKMS support).
>
> We can of course translate this into an actual PR against the current
> draft spec—and we will do that when ready—but it seemed easiest to share it
> in this format first for discussion.
>
> Talk to you tomorrow,
>
> =Drummond
>
>
>
> On Thu, Oct 19, 2017 at 2:59 AM, Timothy Holborn <
> timothy.holborn@gmail.com> wrote:
>
>> Found a relevent IETF RFC[4] re: trust anchors[2]
>>
>> On Thu, 19 Oct 2017 at 18:09 Timothy Holborn <timothy.holborn@gmail.com>
>> wrote:
>>
>>> very quickly.  was looking at the overview[1] and saw the concept "root
>>> of trust <https://en.wikipedia.org/wiki/Trust_anchor>" which hyperlinks
>>> to Trust Anchor[2].  I suggest either defining a new wikipedia page for the
>>> term[3] rather than simply a redirect, or change the term used in the spec
>>> doc.
>>>
>>> more l8r.
>>>
>>> Tim.H.
>>>
>>> [1] https://w3c-ccg.github.io/did-spec/#overview
>>> [2] https://en.wikipedia.org/wiki/Trust_anchor
>>> [3]
>>> https://en.wikipedia.org/w/index.php?title=Root_of_Trust&action=history
>>>
>> [4] https://tools.ietf.org/html/rfc5914
>>
>>>
>>> On Thu, 19 Oct 2017 at 17:49 Timothy Holborn <timothy.holborn@gmail.com>
>>> wrote:
>>>
>>>> On Thu, 19 Oct 2017 at 08:20 Manu Sporny <msporny@digitalbazaar.com>
>>>> wrote:
>>>>
>>>>> On 10/18/2017 01:50 PM, Kim Hamilton Duffy wrote:
>>>>> > Manu -- what are your thoughts?
>>>>>
>>>>> Steven, at this point the only feedback we're looking for is only
>>>>> technical in nature and even then, based on whether the text reflects
>>>>> consensus at Rebooting the Web of Trust 5, which you weren't at.
>>>>>
>>>>
>>>> Is this a RWOT spec?
>>>>
>>>> If so, it should be marked as such.   This CG can then make one
>>>> inspired by it, if/as required.
>>>>
>>>> Therein, the spec should be moved to the RWOT repo?
>>>>
>>>>
>>>>>
>>>>> In other words, the spec isn't ready for your kind of valuable feedback
>>>>> yet... it would largely be a waste of your time to correct the large
>>>>> swaths of the spec text that may be confusing for non-implementers that
>>>>> are buried in the details right now.
>>>>>
>>>>> I expect that we may need your review help in a few months time from
>>>>> now. As always, thanks for offering and we will certainly take you up
>>>>> on
>>>>> it once it becomes a good use of your time.
>>>>>
>>>>
>>>> I'll review and have a look; and am not sure of the specifics, whilst
>>>> noting important principles herein.
>>>>
>>>> IMHO: it's important to be inclusive and the W3 IPR framework is not
>>>> unintentionally misaligned in some way that is against the spirit of this
>>>> structure.
>>>>
>>>> I  guess.  try not to oversimplify imho.  might end-up with unintended
>>>> consequences. (technically speaking).
>>>>
>>>>
>>>>> -- manu
>>>>>
>>>>> best wishes,
>>>>
>>>> tim.
>>>>
>>>>
>>> --
>>>>> Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
>>>>> Founder/CEO - Digital Bazaar, Inc.
>>>>> blog: Rebalancing How the Web is Built
>>>>> http://manu.sporny.org/2016/rebalancing/
>>>>>
>>>>>
Received on Tuesday, 24 October 2017 07:51:41 UTC