Re: Experimental did:cel Witness Service (open-source) from Jori Lehtinen on 2026-03-11 (public-credentials@w3.org from March 2026)

From: Jori Lehtinen <lehtinenjori03@gmail.com>
Date: Wed, 11 Mar 2026 23:20:21 +0200
To: Filip Kolarik <filip26@gmail.com>
Cc: W3C Credentials CG <public-credentials@w3.org>
Message-ID: <CAA6zkAtQ=nMPshDY+B+euvPqRZyx2aYUcZzdckyYXFwEGpJ0BQ@mail.gmail.com>

>And perhaps there’s some miscommunication, how do we envision an
identifier’s life cycle? Should it last as long as possible, or be replaced
over time?

I think this varies per usecase as DIDs can identify pretty much anything.

A transaction or a session might have just an empheral did.

An shipment or order, might last until delivered or some years of book
keeping time.

DID of an academic publisher or public figure might be intented to last
beyond their lifetime.

Atleast that is how I see it.

And if I have understood the heartbeat concept correctly, as a keep-alive
signal or ttl refill (DID being actively used) In some implementations the
identifier lasts as long as it is actively used or preserved. And dropped
when it is inactive/unattented for long enough.



ke 11.3.2026 klo 11.01 ip. Filip Kolarik <filip26@gmail.com> kirjoitti:

> I don’t share the concern about log size becoming unsustainable over a
> decade or two, for all the reasons others have mentioned. One thing to
> note: an identifier’s life cycle depends on its use case. Which identifiers
> should really last a decade? I can think of only something like CA roots.
>
> And perhaps there’s some miscommunication, how do we envision an
> identifier’s life cycle? Should it last as long as possible, or be replaced
> over time?
>
> Anyway, the witness and provision service [1] now supports post-quantum
> ready DI cryptosuites [2]: mldsa44-jcs-2024, mldsa44-rdfc-2024,
> slhdsa128-jcs-2024, slhdsa128-rdfc-2024.
>
> and here’s a new live oblivious witness signing with the VC DataIntegrity
> cryptosuite mldsa44-jcs-2024:
> https://witness-purple-5qnvfghl2q-uk.a.run.app
>
> Thank you, Patrick and Stephen, for sparking this discussion!
>
> [1] https://github.com/filip26/iron-did-cel
> [2] https://w3c-ccg.github.io/di-quantum-safe/
>
> On Wed, Mar 11, 2026 at 8:02 PM Manu Sporny <msporny@digitalbazaar.com>
> wrote:
>
>> On Wed, Mar 11, 2026 at 2:09 PM Jori Lehtinen <lehtinenjori03@gmail.com>
>> wrote:
>> > I think it is not so much about the actual size, but how much a
>> cloud-provider charges you if you want to host these logs at scale.
>>
>> Yes, that's a good consideration.
>>
>> Github (free tier) has a 5GB soft limit per repository.
>> Google Drive (free tier) has a 15GB limit.
>> Dropbox (free tier) has a 2GB limit.
>>
>> AWS S3 storage for 5GB would be approximately $0.115 per month.
>>
>> Not bad... we should run some numbers to see how did:cel and did:webvh
>> fare under something like MLDSA PQ signatures. I will note that GregB
>> has been doing some good work on the post-quantum Data Integrity
>> specs, including JCS support.
>>
>> -- manu
>>
>> --
>> Manu Sporny - https://www.linkedin.com/in/manusporny/
>> Founder/CEO - Digital Bazaar, Inc.
>> https://www.digitalbazaar.com/
>>
>>

Received on Wednesday, 11 March 2026 21:20:37 UTC