- From: Stian Soiland-Reyes <soiland-reyes@manchester.ac.uk>
- Date: Wed, 20 Mar 2019 13:41:45 +0000
- To: Guy Kloss <guy@mysinglesource.io>
- Cc: public-prov-comments@w3.org
On Wed, 20 Mar 2019 14:54:34 +1300, Guy Kloss <guy@mysinglesource.io> wrote: > For the briefest of context: We are building a decentralised digital > identity system, in which identity attributes (claims) are being > attested by some party to become verifiably usable. We are expressing > quite some of the meta-data of the attestation process and linkage to > external entities (preceding attestations, documentation, etc.). > > Now, our problem resides in this: An identity in this system is uniquely > identified by a 'DID' (decentralised identifier, as specified by the > Decentralised Identity Foundation). This DID is in form similar to a > URN, along the lines of something like this: > > did:sov:8uQhQMGzWxR8vw5P3UWH1ja > > So it follows in some way the URN example of this RFC: > https://tools.ietf.org/html/rfc3986#section-3 As noted there a good guidance is also in https://tools.ietf.org/html/rfc7320 > We are using the Python PROV library by Trung Dong Huynh to generate the > provenance trail in PROV-N. Doing so I've been made aware that there is > a problem using the identifier (which in itself is fully qualified) with > the Python PROV library, however it has also raised the concern on which > way to use it is actually compliant with the PROV (or PROV-N) specs. > > Here are the ways I've attempted to use the DIDs: > > * Use them directly (without a defined provenance namespace), as they're > fully qualified already, but that has failed on the side of the PROV > library. This could theoretically just be a case of a lack in the lib. > I guess Dong would have to check/validate that. did: is registered in https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml and so should be OK to use in PROV as long as you are otherwise making valid URIs, which it seems from your examples. For a URI scheme arcp:// I found in Python I had to add it to the Python urllib library https://github.com/stain/arcp-py/blob/master/arcp/__init__.py#L110 to ensure they were registered as relative URI scheme, as I needed urljoin etc. to work, similar to in http and ftp schemes. However your URI scheme that is not using :// is presumably non-hierarchic (e.g. you can't resolve "../8uQhQMGzWxR8vw5P3UWH1ja") and so should not need such registration. Worth a try though! > * Register a namespace prefix `did`, that I've mapped to `did` as well, > and thus was able to use them directly within the document, and that > worked, but I don't know whether that output would be considered > compliant: > > document > ... > prefix did <did> You would need to map it to <did:> to make them absolute URIs, otherwise you would be mapping to ./did/sov:8uQ... as the : when using the prefix is not passed through expansion. It is unusual for prefixes to be used with ":" in the QNames as you are doing below, and I am not sure that is allowed by all the PROV syntaxes (in particular it would not be allowed in PROV-XML) You may want to bind a prefix for <did:sov:> instead. > * There is also a suggestion for a future spec to 'URL wrap' the DID, > but I feel uncomfortable to use that (yet) as this has been only > suggested less than a month ago, and not been ratified in any way, > yet. It 'works', but also here I'm not sure whether I'm doing it right > (plus, as indicated, I'd like to avoid it as it's still unconfirmed > and not used anywhere, yet): This would be my preferred option, but I would rather register http://w3id.org/did/ under https://w3id.org/ (which could redirect to your uniresolver.ui) as uniresolver.io does not sound like a domain name that could still be around in 5/10/15 years time. (Notable exceptions: https://doi.org/ https://identifiers.org/ ) -- Stian Soiland-Reyes The University of Manchester https://www.esciencelab.org.uk/ https://orcid.org/0000-0001-9842-9718
Received on Wednesday, 20 March 2019 13:42:12 UTC