Re: Subject Identifiers (IETF SECEVENT) from Dmitri Zagidulin on 2021-04-10 (public-did-wg@w3.org from April 2021)

From: Dmitri Zagidulin <dzagidulin@gmail.com>
Date: Sat, 10 Apr 2021 12:31:07 -0400
To: Justin Richer <jricher@mit.edu>
Cc: W3C DID Working Group <public-did-wg@w3.org>
Message-ID: <CANnQ-L6+dm7Vm=CEa6ebfQcS9Dq565UHHGxXFLyLV39LoqG15g@mail.gmail.com>

Justin,

Thanks for bringing this to this group's attention -- that seems super
important, and like a great opportunity for DID adoption and interop!

As for what the format should be - great question. It seems to me that
having just a bare did be sufficient. But of course I'm curious to see the
discussion on this topic.

Dmitri

On Fri, Apr 9, 2021 at 3:36 PM Justin Richer <jricher@mit.edu> wrote:

> The Security Events working group in the IETF (SECEVENT) has a
> standards-track draft for describing “subject identifiers” in various
> contexts.
>
> https://tools.ietf.org/id/draft-ietf-secevent-subject-identifiers-07.html
>
> In short, it’s a way to say “this item is an email and here’s its value”,
> or “this item is an issuer/subject pair, here are those values”. This is
> useful in a variety of contexts where you want to identify someone but
> might have a variety of ways to do so.
>
> I spoke with the editor of the draft to propose that we add a “did” format
> into this document, now that DID core is reasonably stable and the CR is
> published. She agreed that it would make sense but would rather have the
> experts in the DID community propose the actual text for the added section.
> For comparison, this is the current text for the “acct:” URI scheme:
>
>    The Account Identifier Format identifies a subject using an account
>    at a service provider, identified with an "acct" URI as defined in
>    [RFC7565 <https://datatracker.ietf.org/doc/html/rfc7565>].  Subject Identifiers in this format MUST contain a "uri"
>    member whose value is the "acct" URI for the subject.  The "uri"
>    member is REQUIRED and MUST NOT be null or empty.  The Account
>    Identifier Format is identified by the name "account".
>
>    Below is a non-normative example Subject Identifier for the Account
>    Identifier Format:
>
>    {
>      "format": "account",
>      "uri": "acct:example.user@service.example.com",
>    }
>
>      Figure 4: Example: Subject Identifier for the Account Identifier
>                                   Format
>
>
>
>
> I’m willing to coordinate the pull request against the IETF spec to get
> this included, but I’d like to get feedback on what we include. Should the
> format be “did”? Should it include just the bare DID, or should it be a DID
> URL? Do we need two identifiers? I have a gut instinct for all of these
> answers, but I welcome input on the list here and I’d like to take a few
> minutes to discuss this on the upcoming Tuesday call.
>
> Thanks,
>
>  — Justin
>
>
>
>

Received on Saturday, 10 April 2021 16:32:36 UTC