Re: What’s after DIDs? from Daniel Thompson-Yvetot on 2019-07-30 (public-credentials@w3.org from July 2019)

From: Daniel Thompson-Yvetot <drthompsonsmagickindustries@gmail.com>
Date: Tue, 30 Jul 2019 18:49:42 +0200
To: Dave Longley <dlongley@digitalbazaar.com>
Cc: Henry Story <henry.story@gmail.com>, Credentials Community Group <public-credentials@w3.org>, Manu Sporny <msporny@digitalbazaar.com>
Message-ID: <CAF_jFpu+z4JnKrS1GXe8twnpgGP2F1nV=AhjNaSBAr=cEe4qzw@mail.gmail.com>

I guess my point is that any additional operations on a canonical DID ID
increase the overhead. And once we're thinking about resolving potentially
quadrillions or more of rows of id's - even with stored DB methods - such
ops force infrastructural overhead and presuppose backpressure.

If I can append a did directly to a base url resolver without needing to
parse for colons I can leverage existing and well known CRUD patterns and
still parse if I need to...



On Tue, 30 Jul 2019, 18:39 Daniel Thompson-Yvetot, <
drthompsonsmagickindustries@gmail.com> wrote:

> Dereferencing and parsing from the DID are two additional processes. Is
> there a real reason why it has to be : delimited instead of / delimited?
>
> On Tue, 30 Jul 2019, 18:05 Dave Longley, <dlongley@digitalbazaar.com>
> wrote:
>
>>
>> On 7/30/19 8:23 AM, Henry Story wrote:
>> >
>> >
>> >> On 30 Jul 2019, at 13:16, Henry Story <henry.story@gmail.com
>> >> <mailto:henry.story@gmail.com>> wrote:
>> >>
>> >> Would it be possible to make a minor extension to HttpSignature
>> >> so that one can use https WebIDs [0] just as a way to get a simple
>> >> thing going? That could be completely compatible with DIDs, but
>> >> would allow one to get going in cases where one does not need
>> >> all of the extra goodies that DIDs give one.
>> >>
>> >> I did some work on that to implement a server side HTTP-Signatures
>> >> and before that I worked on how one could use JS Crypto to create
>> >> keys in the browser.
>> >
>> >
>> > Actually I think one could get the two to get quite close by adding a
>> > notion of a KeyId ie perhaps an URI for a key that could be linked to
>> > a WebID. One could then have
>> >
>> > - https:// KeyIds. These could be located in the WebID Profile,
>> > in a different document on the same server, or perhaps even on
>> > a different server.
>> > - or dids.
>> >
>> > A WebID could point to the KeyID or DID (or perhaps these are
>> > the same?), and authentication using Https Signature could then
>> > pass both in the header. The DID for authentication, the WebID for
>> > social network type identifier, and the link from the WebID  to the
>> > Did/KeyId in the Profile Document would be the proof.
>>
>> My understanding is that HTTP signatures already supports something like
>> WebID-style authentication. Just use a URI for the `keyId` parameter.
>>
>> We already use HTTP signatures in conjunction with LD proofs and DIDs.
>> To my knowledge, it wouldn't work any differently if the `keyId` pointed
>> at a key that resolved to a document that referenced a WebID as its
>> `controller`. You'd then dereference that WebID to ensure its profile
>> document had an appropriate back link to the key. (This is generally how
>> LD proofs work, so it is agnostic to DIDs or WebIDs).
>>
>>
>> >
>> > Henry
>> >
>> >>
>> >> Henry
>> >>
>> >> [0] https://www.w3.org/2005/Incubator/webid/spec/identity/
>> >> [1] https://github.com/read-write-web/akka-http-signature
>> >> [2] https://github.com/read-write-web/solid-client
>> >>
>> >>> On 30 Jul 2019, at 04:22, Manu Sporny <msporny@digitalbazaar.com
>> >>> <mailto:msporny@digitalbazaar.com>> wrote:
>> >>>
>> >>> On 7/29/19 1:35 PM, Joe Andrieu wrote:
>> >>>> TL;DR What’s after DIDs?
>> >>>
>> >>> From a technical standards perspective, these are currently pain
>> points
>> >>> for Digital Bazaar and our customers that seem like we might be able
>> to
>> >>> collaborate on with other developers / companies in this group:
>> >>>
>> >>> * True multi-DID interop
>> >>> * True multi-wallet/issuer/verifier interop
>> >>> * Collaboration on the Credential Handler API
>> >>> * Linked Data Proofs/Signatures (W3C WGs for these)
>> >>> * Secure Data Hubs (or, how do we make storage privacy-aware
>> >>>  and self-sovereign)
>> >>> * Verifiable Credentials 1.1 (we're not done yet)
>> >>> * Verifiable Credentials Extensions
>> >>> * VC/DID/LDP Registries
>> >>>
>> >>> There are non-technical things we should do as well:
>> >>>
>> >>> * Non-Violent Communication (and other approaches) to mend some of the
>> >>>  damage across the identity community
>> >>> * Field Work - More Use Cases from real people/customers
>> >>> * Bite sized material to communicate our work to the general public
>> >>>
>> >>> -- manu
>> >>>
>> >>> --
>> >>> Manu Sporny (skype: msporny, twitter: manusporny)
>> >>> Founder/CEO - Digital Bazaar, Inc.
>> >>> blog: Veres One Decentralized Identifier Blockchain Launches
>> >>> https://tinyurl.com/veres-one-launches
>> >>>
>> >>
>> >
>>
>>
>> --
>> Dave Longley
>> CTO
>> Digital Bazaar, Inc.
>> http://digitalbazaar.com
>>
>>

Received on Tuesday, 30 July 2019 21:38:08 UTC