W3C home > Mailing lists > Public > public-did-wg@w3.org > August 2020

Re: DID WG Special Topic Call (Service Endpoints)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Fri, 28 Aug 2020 09:44:03 -0400
To: daniel.hardman@evernym.com
Cc: W3C DID Working Group <public-did-wg@w3.org>
Message-ID: <cb860a2c-927f-7b7e-7b2f-4c2e4cf55eb5@digitalbazaar.com>
On 8/27/20 12:08 PM, Daniel Hardman wrote:
> Agreed. That's a conceptual problem. But it's not a deficiency with the
> spec; it's a problem with an unwise impl.

Agreed with much of what you said, Daniel.

Ultimately, the problem is that developers need to be educated about
this danger... many won't read the spec in detail... we have over 70 DID
Methods now.

What are the chances that a non-trivial subset of them implement
unwisely? My guess is the chances are pretty high, and that weakens the
ecosystem.

We do have an option to not give developers foot guns... and we should
try very hard not to do that. I'm afraid that non-normative
documentation is better than nothing, but not good enough.

Here's what the group resolved yesterday (pending 7 days for objections
to the resolutions):

RESOLVED: Discuss in a non-normative appendix how one might model
Service Endpoints that preserve privacy.

RESOLVED: Define an abstract data model for serviceEndpoints in
normative text, like we have done with verification methods.

RESOLVED: Define how you do service endpoint extensions using the DID
Spec Registry.

I wish we would do more than that... but it's a start.

-- manu

-- 
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches
https://tinyurl.com/veres-one-launches
Received on Friday, 28 August 2020 13:44:18 UTC

This archive was generated by hypermail 2.4.0 : Friday, 28 August 2020 13:44:19 UTC