15:49:38 RRSAgent has joined #did 15:49:42 logging to https://www.w3.org/2025/01/16-did-irc 15:49:44 rrsagent, draft minutes 15:49:46 I have made the request to generate https://www.w3.org/2025/01/16-did-minutes.html Wip 15:49:49 rrsagent, make logs public 15:49:55 Chair: Will Abramson 15:50:00 Agenda: https://lists.w3.org/Archives/Public/public-did-wg/2025Jan/0006.html 15:50:04 present+ 15:57:59 denkeni has joined #did 16:00:41 markus_sabadello has joined #did 16:01:00 present+ 16:01:28 KevinDean has joined #did 16:01:34 present+ 16:01:56 JoeAndrieu has joined #did 16:02:04 present+ 16:02:08 present+ 16:02:43 present+ 16:04:31 present+ 16:04:50 https://w3c.github.io/scribe2/scribedoc.html 16:04:51 scribe+ 16:05:19 JennieM has joined #did 16:05:22 Scribe instructions: https://w3c.github.io/scribe2/scribedoc.html 16:05:29 present+ 16:05:30 Wip: explains how to scribe. try to capture what is being said. 16:05:38 ... you can use ellipses to indicated continuation 16:05:57 ... Anytime if you need to interupt to slow down, that's fine 16:06:09 ... If you just put a couple ??? other people can often fix what you miss 16:06:26 smccown has joined #did 16:06:28 ... Let's get started 16:06:54 ... Agenda: chair announcement, then core, then resolution issues 16:07:04 ... Anyone for introductions? 16:07:26 Topic: Chair Update 16:07:26 ... Ok. Into the first topic. 16:07:49 ... Gabe, unfortunately has to step down. I want to thank him for his effort. He's been great to work with. He'll be missed. 16:07:57 ... We are looking for another chair. Might take a few weeks. 16:08:07 ... I wanted to take time for questions and concerns. 16:08:27 ... I'm confident I can keep things moving. Dan is helping as back up, but hopefully we can get a new chair in quickly. 16:08:35 q? 16:08:50 ... Ok. Next. 16:08:55 Topic: DID Core 16:09:08 https://github.com/w3c/did-core/pulls 16:09:12 ... Manu reports its in good shape. 16:09:18 ... We went over all the PRs next week. 16:09:34 ... If anyone has a specific topic, I'm tempted to skip and spend the rest of the time on did resolution. 16:09:39 q+ 16:09:44 ... Normally I give Manu 5 min to update and he's not here. 16:09:45 ack markus_sabadello]# 16:09:50 ack markus_sabadello 16:10:04 https://github.com/w3c/did-core/pull/877 16:10:07 markus_sabadello: I agree. We'd need Manu to talk about some of these in detail, but he'd probably want to mention PR 877 16:10:19 ... which adds the reference to the controlled identifier specification 16:10:34 ... so that instead of defining our own, we are using that as our base. 16:10:43 ... I've started reviewing it, but will need more time. 16:10:53 ... Others are encouraged to take a look and review it. 16:11:08 wip: the other three open PRs were raised by me, they are all minor. 16:11:22 q? 16:11:31 Topic: DID Resolution 16:11:45 ... Markus do you want to start us with the two open PRs 16:12:03 https://github.com/w3c/did-resolution/pull/107 16:12:09 markus_sabadello: sounds good. I merged a couple since last week, mostly related to dereferencing 16:12:25 https://github.com/w3c/did-resolution/pull/108 16:12:27 ... I think that one is good, but more reviews would be better 16:12:38 ... 108 adds additional considerations to https binding 16:12:58 ... #108 for some reason hasn't yet passed validation. Some html mistake I think 16:13:21 ... Open for reviews. If you are interested or have thoughts on https binding. 16:13:36 q? 16:13:44 https://github.com/w3c/did-resolution/issues?q=is%3Aissue%20state%3Aopen%20label%3Adiscuss 16:13:55 So we are going to go over 4 issues labeled discuss. 16:14:15 scribe+ 16:14:33 subtopic: https://github.com/w3c/did-resolution/issues/93 16:14:38 wip: I'm going to go through these in order starting with Issue 93 16:14:54 ...Issue 93 - should we be making https binding necessary 16:15:16 markus_sabadello interesting question, came up in comment earlier in working group related to different issue 16:15:31 ... to explain, https binding how client can invoke function over http endpoint 16:15:49 ... don't always need it, when you resolve did, no need to ?? can be done locally 16:15:50 s/markus_sabadello/markus_sabadello:/ 16:16:26 ...therefore this question came up who would have to implement it, something every DID method would have to provide or something a resolver would have to support as a client to talk to ? resolver, what this topic is about. any thoughts? 16:16:29 q+ 16:16:35 ack Wip 16:17:04 Wip: I think to me, I know Joe cares about this, if everyobody is exposing http url way to have interoperability 16:17:13 q+ to say I think its methods, not the resolver that has the requirement 16:17:19 ack JoeAndrieu 16:17:19 JoeAndrieu, you wanted to say I think its methods, not the resolver that has the requirement 16:17:30 ...challenge when I'm devoting resolvers locally that don't have to be ?? 16:17:32 q+ 16:18:15 ack markus_sabadello 16:18:27 JoeAndrieu: I do think the best route for an ecosystem is for every method to have at least one http resolver so that if you run into such a DID there is a way your software already has the interfaces if there is already a resolver. don't think we need every one to have a binding, but there must be one that has that binding. 16:18:28 bigbluehat has joined #did 16:18:46 q+ 16:18:55 markus_sabadello: agree with Joe that this is a conversation that happens around interoperability, if you have the https biding you do increase interop 16:19:17 present+ 16:19:21 present+ 16:19:24 q+ 16:19:33 . . . where this feels strange is did: key and did:? Very weird to call a remote https endpoint to resolve did:key, who would host and be in charge of deploying a resolver 16:19:35 q+ to say software not service 16:19:35 ack Wip 16:20:11 ack pchampin 16:20:18 Wip: I think it sounds like a good requirement to ask DID methods to maintain https, not sure where it should go. DID: Core Spec? DID: Resolver? 16:21:23 pchampin: point to Markus about did:key, think it would make sense to include a https endpoint, if you don't know the DID method you can rely on ? but you can generate the did document from the DID itself. Not absolutely stupid in my opinion to have this service but suboptimal 16:22:05 ack JoeAndrieu 16:22:05 JoeAndrieu, you wanted to say software not service 16:22:06 . . . not sure if we made it a requirement to have an http endpoint, but kind of thing that should be available in DID Method Registry / List, maybe criteria in Rubric, is it usable in one or several? 16:23:09 JoeAndrieu: interesting disconnect in the way we're talking about this. I would be very opposed to this, could have a local, didn't realize that if you had to do https locally, that would be annoying. If you had to do did:key, not so much that someone would run a resolver for did:key, but a piece of software, note app or apache app 16:23:09 q+ 16:23:19 ack markus_sabadello 16:23:26 Wip: next steps to move this from discuss to action 16:24:28 q+ to say I don't think a URL for a resolver is the right solution. this, IMO, is a DID method requirement, hence part of did core 16:24:31 q+ 16:24:35 ack JoeAndrieu 16:24:35 JoeAndrieu, you wanted to say I don't think a URL for a resolver is the right solution. this, IMO, is a DID method requirement, hence part of did core 16:24:36 markus_sabadello: not something that would be part of Method Spec. Think what Joe said was also interesting. Add to Extension Registry where ? Link in Registry to public resolver 16:25:25 ack Wip 16:25:36 JoeAndrieu: very opposed to putting live URLs in registry to use for a resolver. Methods themselves, if we want this form of inter, goes into DID:Core - any DID method that wants to be conformant should have one resolver that you can access of HTTP 16:25:49 https://www.w3.org/TR/did-core/#methods 16:26:14 q? 16:26:14 q+ 16:26:16 Wip: would also feel uncomfortable putting it in Registry, would think it should go into did-core. But, can we make that change as a group? 16:26:18 ack markus_sabadello 16:26:32 q+ to ask if we are talking about referencing HTTP software then? or some sort of protocol mapping? 16:26:35 markus_sabadello: so requirement would be there has to be one piece of software or one implementation 16:26:42 ack bigbluehat 16:26:42 bigbluehat, you wanted to ask if we are talking about referencing HTTP software then? or some sort of protocol mapping? 16:26:48 Wip: i was thinking more did methods SHOULD 16:28:19 bigbluehat: I just want to clarify what we're talking about. When Joe talks about it t sounds like a piece of software, open source did protocol wrapper, which ? easy route would be for me to get that software and communicate over http, never implement more of the value of the DID method. If implementation is one for each method, raises questions 16:28:20 about who is maintaining, proprietary did methods, how does this work? 16:28:58 ... or are we saying with your did method, provide some protocol mapping, here is how it should map into your did method, work you would have to do if you want to stay at http layer. maybe I've missed the driver behind this, apologize if this seems out of synch 16:29:29 s/about who is maintaining/... about who is maintaining/ 16:29:47 q? 16:29:53 Wip: first I will say is I want to move on from the discussion, didn't get to Actions, but appreciate if people can add their next steps to Issue. Could this be a pathway to interoperability to resolve it without having to implement ? kind of a fallback. Unless any final comments, would like to move on 16:30:26 +1 to consider those as fallbacks 16:30:30 subtopic: https://github.com/w3c/did-resolution/issues/102 16:30:45 ... proofs of inclusion at a particular state in time 16:31:08 ... If a resolve executes resolution for a particular time, to include some sort of proof that the did document is legit and accurate 16:31:36 ... There's two parts: 1. we should allow that people can provide these proofs. There is an extensible mechanism for that. The did document metadata. 16:31:50 ... 2. but not all did methods have that available 16:31:51 q+ 16:31:54 ack markus_sabadello 16:31:54 ... What next steps? 16:32:18 markus_sabadello: this has to do with questions around trust in the resolution process, and the client being able to verify something about the process. 16:32:36 ... some are doing this already. did:indy returns state proofs. 16:32:49 q+ 16:32:49 ... did:webvh also returns some proofs about the did document 16:33:28 ack Wip 16:33:29 ... I think it would be out of scope to standardize the format or data model, since those could be very different depending on the DID method, but we may be able to assign a property in the did document meta data where this is reported. 16:33:58 wip: I agree. Next step could be to define a property that is just a placeholder. If you're going to do it, put it here. If you're a resolver, you can check it if it exists. 16:34:26 ... Also, maybe we could clarify about running resolution infrastructure locally. The best way to have confidence is to run your own resolver. 16:34:32 q? 16:34:41 q+ 16:34:47 wip: anyone opposed to that? 16:34:48 ack markus_sabadello 16:35:07 markus_sabadello: I will add there are some other open issues about other types of proofs related to DIDs and DID documents 16:35:25 ... There could also be proofs in a DID Document about links / bindings between DIDs and other types of identifiers. 16:35:42 ... How to verify a link between a DID and a domain name, which could also provide proofs either in the DID Doc or metadata. 16:36:06 ... In this issue we are talking specifically of proofs of the DID method itself, to verify the DID doc is the correct doc for the DID 16:36:07 q? 16:36:32 q+ 16:36:55 joeandrieu: do we have a parameter for toggling these extra proofs? 16:36:56 ack markus_sabadello 16:37:10 markus_sabadello: we have the did resolution function, which is abstract, returns three documents 16:37:27 ... on that level, we don't have a resolution option or parameter that controls whether or not metadata is returned, 16:37:58 ... but we do have it in the https binding (see the open PR). there's a context negotiation to request from a remote http endpoint, either just the DID Doc or DID DOc with metadata. 16:38:13 s/context/content/ 16:38:14 s/context negotiation/content negotiation/ 16:38:36 wip: maybe there's a new property. I'll create an issue in the resolution repo so we can discuss it. 16:38:45 subtopic: https://github.com/w3c/did-resolution/issues/8 16:38:55 ... next is discovery of DIDs from other identifiers 16:39:09 q+ 16:39:11 ack markus_sabadello 16:39:29 markus_sabadello: some of this exists already. 16:39:40 ... ietf has a draft for DIDs from domain name. 16:39:50 ... how much might we want to say about that in DID resolution 16:40:47 q+ to say seems wildly out of scope, but I could see a how to prove a DID reference 16:40:51 ack JoeAndrieu 16:40:51 JoeAndrieu, you wanted to say seems wildly out of scope, but I could see a how to prove a DID reference 16:40:54 q+ 16:41:02 scribe+ 16:41:14 JoeAndrieu: This feels out of scope. How you get to a DID from the outside world 16:41:41 ... Maybe we should say something about if a DID is refered to somewhere there is a proof mechanism about how you can verify the control of a DID 16:41:53 ... You could sign a statement to say this DID is related to that domain name 16:42:04 ... this could be a legitimate way to verify proof of control 16:42:10 ack markus_sabadello 16:42:39 markus_sabadello: I wonder if those are two different things. One is discovering a DID, which is maybe simple and out of scope. The second might be making that verifiable. 16:42:56 q+ 16:43:00 ... so that might be a way to prove bidirectional control 16:43:11 ... lot of work in that area. Might be worth talking about in our specs. 16:43:25 ... This could also involve existing properties like alsoKnownAs 16:43:34 ack Wip 16:43:41 ... so two topics might help us resolve the issue 16:44:04 wip: proof of control that some identifier is part of another. doesn't seem like resolution 16:44:15 joeandrieu: not sure its resolution either 16:44:26 wip: so maybe we could raise an issue in DID core 16:44:29 q? 16:44:34 subtopic: https://github.com/w3c/did-resolution/issues/5 16:44:48 ... Next discussion is about deactivation. 16:44:50 q+ 16:45:03 wip: Ankur has a nice proposal. 16:45:07 ack markus_sabadello 16:45:37 markus_sabadello: this is about being able to tell if a DID is deactivated or was never created 16:45:52 q+ 16:46:03 ... the current spec says that no did document is return and metadata stays deactivated = true 16:46:17 q+ to ask about https binding without metadata 16:46:31 ack Wip 16:46:38 markus_sabadello: this was once considered an error, but it's really a metadata factor 16:46:58 wip: I like your proposal, markus_sabadello 16:47:12 ... ankur wanted to still return the DID document 16:47:35 ... but that could be confusing, so maybe have a flag to include the did document even if it is deactivated 16:47:36 ack JoeAndrieu 16:47:36 JoeAndrieu, you wanted to ask about https binding without metadata 16:47:58 JoeAndrieu: If its deactivated, is there a legitimate DID document if it is not bounded in time 16:48:02 dmitriz has joined #did 16:48:06 ... I dont think there should be a DID document coming back 16:48:22 q+ 16:48:42 ... I had a separate question to do with HTTPS binding. If I use a binding to just get a DID document, do I get the metadata that says deactivated 16:48:50 ack markus_sabadello 16:48:52 markus_sabadello: yes, has been proposed that a did resolution option could override behavior, even if deactivated 16:48:54 q+ 16:49:30 ... and about https binding does talk about that. If you request only the DID document without metadata, you don't get the did document. 16:50:07 ... in the https binding, we also have a bunch of error codes. If the did is deactivated with an http code 410, which is also something that could be discussed. 16:50:26 ... because in http that is an "error" but for us it isn't (the server could be operating correctly) 16:50:36 ack smccown 16:50:52 smccown: when we are using the term deactivated, does that encompass the idea of deleting 16:50:55 q+ 16:51:00 q+ 16:51:00 q+ 16:51:14 ack Wip 16:51:34 wip: I think that is a difference in DID methods, you can remove the fact that the DID ever existed. 16:51:49 ... with did:web f you take down that server, you can't tell. 16:51:56 ... I don't know what we do with it. 16:52:01 ack markus_sabadello 16:52:22 markus_sabadello: a lot of early methods were based on ledgers, so it's unfeasible to delete 16:52:40 ... but steve is correct, some did web methods like did:web you can delete and can't detect it. 16:53:04 ack JoeAndrieu 16:54:15 Note that update and deactivate are optional for DID methods to support. 16:55:01 joeandrieu: unfortunately, the difference between deactivate and and never existing is a conformance requirement, so methods that cannot distinguish between these two are, in fact, non-comformant 16:55:15 q? 16:55:18 wip: so the question is do we need any changes 16:55:38 The did methods's return value could have both a "deactivated" (and return the did doc) or it could also have a "did not found" 16:56:00 q+ 16:56:31 ack markus_sabadello 16:57:40 wip: thanks all 17:09:08 rrsagent, makeminutes 17:09:08 I'm logging. I don't understand 'makeminutes', Wip. Try /msg RRSAgent help 17:09:23 rrsagent, make minutes 17:09:24 I have made the request to generate https://www.w3.org/2025/01/16-did-minutes.html Wip 17:09:37 zakim, end the meeting 17:09:37 As of this point the attendees have been Wip, denkeni, KevinDean, TallTed, ivan, JoeAndrieu, markus_sabadello, JennieM, pchampin, bigbluehat 17:09:39 RRSAgent, please draft minutes 17:09:41 I have made the request to generate https://www.w3.org/2025/01/16-did-minutes.html Zakim 17:09:46 I am happy to have been of service, Wip; please remember to excuse RRSAgent. Goodbye 17:09:47 Zakim has left #did 17:31:22 RRSAgent, bye 17:31:22 I see no action items