- From: Manu Sporny <msporny@digitalbazaar.com>
- Date: Tue, 14 Jan 2020 10:59:52 -0500
- To: public-did-wg@w3.org
On 1/12/20 9:39 PM, Brent Zundel wrote: > We will use the call to determine what questions need to be > addressed around the topic of the abstract data model, JSON/JSON-LD I believe the purpose of this call is to gather questions that need to be addressed, agree on the "things that we disagree on", gather concerns, and other useful things that will help drive the Face-to-Face DID WG Agenda. In that spirit, I'm going to try proposing some concerns, disagreements, and questions to get the ball rolling. Concerns -------- The JSON-LD model raises *conceptual* burden for implementers to the level that it will be rejected by any community that needs a JSON-only model. The JSON-LD model raises *implementation* burden for implementers to the level that it will be rejected by any community that does not want to pay that cost. The JSON-LD model forces implementers using JSON-only toolchains to "do JSON-LD processing". The JSON-only approach will lead to incompatible data models wrt. the JSON-LD data model. The JSON-only approach will lead to a different, incompatible extensibility model from JSON-LD which would create an interoperability rift between JSON-only processors and JSON-LD processors. The JSON-only approach would centralize the extensibility model for DID Documents. The JSON-only approach will lead to security vulnerabilities because features will not be globally unambiguous. Disagreements ------------- * Extensibility is being prioritized above security in the current DID specification. * IOT is the primary use case for DIDs by many orders of magnitude. * The IOT use case and use of JSON-LD are incompatible. * Data in DID Documents are not intended to be co-mingled with data retrieved from Verifiable Credentials. * JSON-LD makes the same mistakes that XML made in the late 1990s. Questions --------- * What is the technical use case that is made not possible due to the use of JSON-LD? * What are the specific technical implementation burdens that are created by the use of JSON-LD? * What are the specific costs of using JSON-LD DID Documents? * What is the definition of "JSON-LD Processing"? * What is the extensibility model for JSON-only DID Documents? * Do people understand that JSON-LD is a more restrictive subset of JSON, so JSON-LD is JSON and is designed to be a "Chimera document format"? * Does everyone understand that you do not need to go out to the network to process a JSON-LD document and that verifiers SHOULD NOT go out to the network to retrieve JSON-LD Context documents? -- manu -- Manu Sporny (skype: msporny, twitter: manusporny) Founder/CEO - Digital Bazaar, Inc. blog: Veres One Decentralized Identifier Blockchain Launches https://tinyurl.com/veres-one-launches
Received on Tuesday, 14 January 2020 16:00:01 UTC