- From: =Drummond Reed <drummond.reed@evernym.com>
- Date: Tue, 12 Jun 2018 20:40:15 -0700
- To: Chris Boscolo <chris@boscolo.net>
- Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
- Message-ID: <CAAjunnY6XGwPhRH7+3OFFqT-cfdKQp+wAU_i=UbeB44xHf-2vA@mail.gmail.com>
On Tue, Jun 12, 2018 at 5:18 PM, Chris Boscolo <chris@boscolo.net> wrote: > During the W3C call this morning, one issue that was highlighted was > whether or not a DID needs to support the ability to be revoked in order to > claim compliance with the standard. > Good question, Chris. I can't check right at the moment but I believe we said it was optional for a DID method to support revocation. So a DID method specification simply needs to say: 1. Is revocation supported? 2. If so, how? We recommended that any DID method capable of supporting revocation do it by nulling out the DID document. > > This prompted a question for me. Does anyone know how many of the DID > methods supported via https://uniresolver.io/ do the revocation check as > part of the read/verify step? > I don't offhand but maybe Markus does? > > Also, in re-reading the DID spec, I notice it does not specifically > mention doing this check during the Read/Verify step. Would it be worth > adding some language clarifying that implementors should do this? > If the recommended method of revocation is to null out the DID document, then no additional work is necessary: if the return is a null DID document, the DID is revoked. So the revocation check is only necessary if the DID method has a different way of doing revocation. In which case I would agree that it should be recommended to check it on resolution. =Drummond
Received on Wednesday, 13 June 2018 03:40:41 UTC