Candidate Recommendation Snapshot: Decentralized Identifiers (DIDs) v1.0 (Call for Wide Review)

Decentralized Identifiers (DIDs) v1.0

https://www.w3.org/TR/2021/CR-did-core-20210615/

feedback due by: July 13, 2021

Published by: Decentralized Identifier Working Group

Abstract

Decentralized identifiers (DIDs) are a new type of identifier that enables verifiable, decentralized digital identity. A DID refers to any subject (e.g., a person, organization, thing, data model, abstract entity, etc.) as determined by the controller of the DID. In contrast to typical, federated identifiers, DIDs have been designed so that they may be decoupled from centralized registries, identity providers, and certificate authorities. Specifically, while other parties might be used to help enable the discovery of information related to a DID, the design enables the controller of a DID to prove control over it without requiring permission from any other party. DIDs are URIs that associate a DID subject with a DID document allowing trustable interactions associated with that subject. 

Each DID document can express cryptographic material, verification methods, or services, which provide a set of mechanisms enabling a DID controller to prove control of the DID. Services enable trusted interactions associated with the DID subject. A DID might provide the means to return the DID subject itself, if the DID subject is an information resource such as a data model. 

This document specifies the DID syntax, a common data model, core properties, serialized representations, DID operations, and an explanation of the process of resolving DIDs to the resources that they represent.

Status of the Document

This section describes the status of this document at the time of its publication. Other documents may supersede this document. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at https://www.w3.org/TR/. 

The W3C Decentralized Identifier Working Group has published this document as a W3C Candidate Recommendation and is requesting that software developers and DID Method specification authors provide experimental implementations designed to test the implementability of all of the features in this document. 

To exit the W3C Candidate Recommendation phase, the W3C DID Working Group will require two things: 1) for normative statements that are machine testable, at least two interoperable implementations per feature, and 2) for normative statements that are not machine testable, at least two demonstrations of implementation per feature. A feature is defined as one or more functionally related normative statements in the specification. 

At present, there exist 98 experimental DID Method specifications, 32 experimental DID Method driver implementations, a Candidate Recommendation test suite that determines whether or not a given implementation is conformant with this specification, and 18 implementations submitted to the conformance test suite. Readers are advised to heed the DID Core issues and DID Core Test Suite issues, each of which contains the latest list of concerns and proposed changes that might result in alterations to this specification. 

This specific publication is the Second Candidate Recommendation publication for this specification. 

Changes since the First Candidate Recommendation include: 
 
  * Addition of at risk markers to most of the DID Parameters, the data model datatypes that are expected to not be implemented, and the application/did+ld+json media type. This change resulted in the DID WG's decision to perform a second Candidate Recommendation phase. All other changes were either editorial or predicted in "at risk" issue markers. 
  * Removal of the at risk issue marker for the method-specific-id ABNF rule and for nextUpdate and nextVersionId. 
  * Clarification that equivalentId and canonicalId are optional. 
  * Addition of definitions for "amplification attack" and "cryptographic suite". 
  * Replacing the use of publicKeyBase58 with publicKeyMultibase. 
  * Updates to the DID Document examples section. 
  * A large number of editorial clean ups to the Security Considerations section.  

Changes since the First Public Working Draft include: 
 
  * The introduction of an abstract data model that can be serialized to multiple representations including JSON and JSON-LD. 
  * The introduction of a DID Specifications Registry for the purposes of registering extension properties, representations, DID Resolution input metadata and output metadata, DID Document metadata, DID parameters, and DID Methods. 
  * Separation of DID Document metadata, such as created and updated values, from DID Document properties. 
  * The removal of embedded proofs in the DID Document. 
  * The addition of verification relationships for the purposes of authentication, assertion, key agreement, capability invocation and capability delegation. 
  * The ability to support relating multiple identifiers with the DID Document, such as the DID controller, also known as, equivalent IDs, and canonical IDs. 
  * Enhancing privacy by reducing information that could contain personally identifiable information in the DID Document. 
  * The addition of a large section on security considerations and privacy considerations. 
  * A Representations section that details how the abstract data model can be produced and consumed in a variety of different formats along with general rules for all representations, producers, and consumers. 
  * A section detailing the DID Resolution and DID URL Dereferencing interface definition that all DID resolvers are expected to expose as well as inputs and outputs to those processes. 
  * DID Document examples in an appendix that provide more complex examples of DID Document serializations. 
  * IANA Considerations for multiple representations specified in DID Core. 
  * Removal of the Future Work section as much of the work has now been accomplished. 
  * An acknowledgements section.  

Comments regarding this document are welcome. Please file issues directly on GitHub, or send them to public-did-wg@w3.org (subscribe, archives). 

This document was published by the Decentralized Identifier Working Group as a Candidate Recommendation Snapshot. This document is intended to become a W3C Recommendation.

GitHub Issues are preferred for discussion of this specification. Alternatively, you can send comments to our mailing list. Please send them to public-did-wg@w3.org (subscribe, archives).

Publication as a Candidate Recommendation does not imply endorsement by the W3C Membership. A Candidate Recommendation Snapshot has received wide review and is intended to gather implementation experience.



This Candidate Recommendation is not expected to advance to Proposed Recommendation any earlier than 13 July 2021.

This document was produced by a group operating under the W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent which the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.

This document is governed by the 15 September 2020 W3C Process Document.

-- 
This report was automatically generated using https://github.com/w3c/transition-notifier

Received on Tuesday, 15 June 2021 07:19:48 UTC