Re: DID Method requirements (revocability) from =Drummond Reed on 2018-06-13 (public-credentials@w3.org from June 2018)

From: =Drummond Reed <drummond.reed@evernym.com>
Date: Tue, 12 Jun 2018 21:41:29 -0700
To: Chris Boscolo <chris@boscolo.net>
Cc: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Message-ID: <CAAjunnaQmW=yevahytom=TE8PtbBzfFkU7Pp5ug9T_iJ62k0TA@mail.gmail.com>

Chris, your question has a precision I appreciate very much. And I do not
have a precise answer myself as the representation of "null" is, by my
experience, a topic which JSON developers and others can argue for hours,
and one which I agree we haven't

I know how we answered it with the OASIS XDI semantic data interchange
format, but that's not really relevant here, since we're using JSON-LD. So
I defer to Manu Sporny & David Longley as the JSON-LD specialists, and/or
to Markus as the DID resolver specialist.

On Tue, Jun 12, 2018 at 9:29 PM, Chris Boscolo <chris@boscolo.net> wrote:

> Thanks for the clarification, Drummond.
>
> With an eye toward interoperability, I have one clarifying question.
>
> If I query a DID what response indicates that it is revoked? (I could not
> find the answer in https://w3c-ccg.github.io/did-spec/)
>
>  1) The call returns an empty JSON doc like: {}
>  2) The call returns an empty doc such as: ""
>  3) Or something else?
>
> Thanks!
>
>   -chrisb
>
>
> On Tue, Jun 12, 2018 at 8:40 PM, =Drummond Reed <drummond.reed@evernym.com
> > wrote:
>
>> On Tue, Jun 12, 2018 at 5:18 PM, Chris Boscolo <chris@boscolo.net> wrote:
>>
>>> During the W3C call this morning, one issue that was highlighted was
>>> whether or not a DID needs to support the ability to be revoked in order to
>>> claim compliance with the standard.
>>>
>>
>> Good question, Chris. I can't check right at the moment but I believe we
>> said it was optional for a DID method to support revocation. So a DID
>> method specification simply needs to say:
>>
>>    1. Is revocation supported?
>>    2. If so, how?
>>
>> We recommended that any DID method capable of supporting revocation do it
>> by nulling out the DID document.
>>
>>
>>>
>>> This prompted a question for me.  Does anyone know how many of the DID
>>> methods supported via https://uniresolver.io/ do the revocation check
>>> as part of the read/verify step?
>>>
>>
>> I don't offhand but maybe Markus does?
>>
>>
>>>
>>> Also, in re-reading the DID spec, I notice it does not specifically
>>> mention doing this check during the Read/Verify step.  Would it be worth
>>> adding some language clarifying that implementors should do this?
>>>
>>
>> If the recommended method of revocation is to null out the DID document,
>> then no additional work is necessary: if the return is a null DID document,
>> the DID is revoked.
>>
>> So the revocation check is only necessary if the DID method has a
>> different way of doing revocation. In which case I would agree that it
>> should be recommended to check it on resolution.
>>
>> =Drummond
>>
>
>

Received on Wednesday, 13 June 2018 04:41:55 UTC