RE: Propose vc-examples-registry work item.

Nevertheless, the original intention of the whole DID work remains to enable identifiers that can be created and used without a central authority.

NOTE: This [did:facebook] is not a serious proposal for a new DID method, but rather a thought experiment about the nature and objectives of DIDs. Personally, I think it is a contradiction to base DIDs on central registries or platforms such as Facebook or DNS…

Given the above, would it be fair to say that did:facebook, did:web and their ilk represent ‘creative application’ of the DID work rather than a purposeful desire for the work to support centralized / quasi-centralized scenarios as first class citizens?

 

-S

 

From: Markus Sabadello <markus@danubetech.com> 
Sent: Thursday, March 19, 2020 6:35 AM
To: Leonard Rosenthol <lrosenth@adobe.com>; Orie Steele <orie@transmute.industries>; Joosten, H.J.M. (Rieks) <rieks.joosten@tno.nl>
Cc: daniel.hardman@evernym.com; W3C Credentials CG (Public List) <public-credentials@w3.org>
Subject: Re: Propose vc-examples-registry work item.

 

We have had this discussion a few times before.

Yes it is technically possible to define DID methods based on centralized systems (e.g. the not-really-serious did:facebook method <https://github.com/peacekeeper/did-method-facebook/blob/master/did-method-facebook.md>).
There are many DID methods where there is no simple yes/no answer if they are "decentralized" or not (e.g. the did:web method <https://github.com/w3c-ccg/did-method-web>).

Nevertheless, the original intention of the whole DID work remains to enable identifiers that can be created and used without a central authority.

This is reflected in various places in the DID WG charter <https://www.w3.org/2019/09/did-wg-charter.html> and the DID Core <https://w3c.github.io/did-core/> spec.
Attempts to change this will likely result in significant resistance.

Regarding the use of the term "distributed ledger", personally I feel it's worth keeping that, since this is the technology that originally enabled DIDs and continues to be very important for it, even if not required. The DID Core spec currently uses the term "DID registry" for the thing where DIDs exist. Note that there is an open GitHub issue <https://github.com/w3c/did-core/issues/162> for discussing alternative terms that may be a better fit.

Markus

On 3/18/20 10:58 PM, Leonard Rosenthol wrote:

I would be happy to do that…and I think it can be done w/o too much argument.

 

There is one other issue that Steve raises that we may also want to consider….which I am pretty sure is going to have us stepping into a HUGE moat of alligators…Changing what the first ‘D’ in DID stands for. It is indeed confusing to have a standard around Decentralized things that also supports Centralized things.

 

Could we change that ‘D’ to something like “Dedicated” or “Distributed” or ??  

 

Also, is this the right mailing list to discuss changing the DID spec on?  Is there a DID WG or related group and/or list??

 

Leonard

 

From: Orie Steele <orie@transmute.industries>
Date: Wednesday, March 18, 2020 at 4:05 PM
To: "Joosten, H.J.M. (Rieks)" <rieks.joosten@tno.nl>
Cc: Leonard Rosenthol <lrosenth@adobe.com>, "daniel.hardman@evernym.com" <daniel.hardman@evernym.com>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Subject: Re: Propose vc-examples-registry work item.

 

I'd welcome PRs that removed the concept of ledgers from the did core spec entirely... it's an answer to "How", it belongs in the implementation guide, it does not belong in the did core spec IMO.

OS

 

On Wed, Mar 18, 2020 at 11:01 AM Joosten, H.J.M. (Rieks) <rieks.joosten@tno.nl> wrote:

I guess I fell for the suggestions in the spec that emphasize ledgers. I based my statement on texts such as the following from the current spec <https://www.w3.org/TR/did-core/>:

* Chapter 1, Introduction, paragraph 2 (entire text) states that DLTs provide the opportunity for fully decentralized identity management, and further elaborates on this, thereby strongly suggesting a focus on DLTs. I agree that this does not imply the converse.
* Chapter 1, Introduction, paragraph 4: "DID methods are the mechanism by which a DID and its associated DID document are created, read, updated, and deactivated on a specific distributed ledger or network." The 'or network' is the escape here that seems to allow for different things than ledgers, but what that would mean does not become clear from the text itself.
* Chapter 2, Terminology, decentralized identifier (DID): "A globally unique identifier that does not require a centralized registration authority because it is registered with distributed ledger technology (DLT) or other form of decentralized network." Same as previous bullet.
* Chapter 2, Terminology, DID method: "A definition of how a specific DID scheme can be implemented on a specific distributed ledger or network". Same as previous bullet.

So you are right, while the use of DLT-stuff is (strongly) suggested by the standard, it is not required. 

 

With respect to 

* > the DID-stuff aims to enable interaction (communication) with the entity identified by the DID
* That’s also not something that I see mentioned anywhere in the DID spec.  Can you please quote a source?

That's the 4th sentence of the Abstract.

 

Rieks

 

From: Leonard Rosenthol <lrosenth@adobe.com>
Sent: Wednesday, March 18, 2020 13:31
To: Joosten, H.J.M. (Rieks) <rieks.joosten@tno.nl>; daniel.hardman@evernym.com
Cc: Orie Steele <orie@transmute.industries>; W3C Credentials CG (Public List) <public-credentials@w3.org>
Subject: Re: Propose vc-examples-registry work item.

 

> And rightfully so since the core DID spec  explicitly states that DID-stuff belongs on DLTs

> 

I think you need to re-read the spec again, as that is clearly *NOT* the case.

 

Right in Section 1 (Introduction), the first note is very clear on the topic:

 

NOTE: DID methods can also be developed for identifiers registered in federated or centralized identity management systems. Indeed, all types of identifier systems can add support for DIDs. This creates an interoperability bridge between the worlds of centralized, federated, and decentralized identifiers.

 

> the DID-stuff aims to enable interaction (communication) with the entity identified by the DID

> 

That’s also not something that I see mentioned anywhere in the DID spec.  Can you please quote a source?

 

Leonard

 

From: "Joosten, H.J.M. (Rieks)" <rieks.joosten@tno.nl>
Date: Wednesday, March 18, 2020 at 4:27 AM
To: "daniel.hardman@evernym.com" <daniel.hardman@evernym.com>, Leonard Rosenthol <lrosenth@adobe.com>
Cc: Orie Steele <orie@transmute.industries>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
Subject: Re: Propose vc-examples-registry work item.

 

And rightfully so since the core DID spec  explicitly states that DID-stuff belongs on DLTs. Also, according to the same spec (see the abstract), the DID-stuff aims to enable interaction (communication) with the entity identified by the DID, which is quite different from schemas. 


So why specify that you need a DID to refer to a schema if we can generalize this to a URI? Doing so does not exclude DIDs since they are a specialization of URIs so you can still use the examples. 

Rieks 

  _____  

From: Daniel Hardman <daniel.hardman@evernym.com>
Sent: Wednesday, March 18, 2020 01:32
To: Leonard Rosenthol
Cc: Orie Steele; W3C Credentials CG (Public List)
Subject: Re: Propose vc-examples-registry work item.

 

There is a clear bias there towards DIDs (and VC’s in general) that are based on ledgers of some fashion.

 

Touché. :-) 

 





 

-- 

ORIE STEELE 

Chief Technical Officer

www.transmute.industries <http://www.transmute.industries>

 

Received on Thursday, 19 March 2020 14:40:31 UTC