15:44:56 RRSAgent has joined #did 15:45:00 logging to https://www.w3.org/2025/01/30-did-irc 15:45:03 rrsagent, draft minutes 15:45:04 I have made the request to generate https://www.w3.org/2025/01/30-did-minutes.html Wip 15:45:09 rrsagent, make logs public 15:45:24 Meeting: Decentralized Identifier Working Group 15:45:31 Chair: Will Abramson 15:45:34 Agenda: https://lists.w3.org/Archives/Public/public-did-wg/2025Jan/0012.html 15:51:19 present+ 15:59:34 markus_sabadello has joined #did 16:00:22 present+ 16:01:09 present+ 16:01:43 KevinDean has joined #did 16:01:47 present+ 16:02:08 JoeAndrieu has joined #did 16:02:10 bigbluehat has joined #did 16:02:31 present+ 16:02:50 present+ 16:02:53 scribe+ 16:03:14 swcurran has joined #did 16:03:31 Topic: Agenda Review 16:03:56 Wip: because msporny can't join us, we're mostly going to focus on DID resolution 16:04:05 q? 16:04:06 ... anything else folks want on today's agenda? 16:04:26 smccown has joined #did 16:04:28 Topic: APAC DIDWg call 16:04:28 present+ 16:04:45 Wip: next week is the first Thursday of the month 16:04:48 present+ 16:05:01 ... we have been following a pattern of having APAC focused calls at a different time for that region 16:05:14 ... however, next week, I'm away next week 16:05:24 ... typically, I am also unable at this time, and neither is Dan 16:05:34 ... consequently, I'm going to have to cancel next week's call 16:05:44 ... unless someone on this call is willing to run the call 16:05:52 ... if you are interested in doing that, please reach out 16:05:59 present+ 16:06:16 ... we may also have someone in that timezone who can run the call and msporny should be there 16:06:31 ... I'd prefer not to cancel as we've heard there's good engagement on those calls 16:07:01 ... if we can find another chair, we could potentially move the call time to be friendlier for EU and APAC together 16:07:12 ... and have a US-side chair run this call 16:07:24 q? 16:07:24 ... just something to consider 16:07:26 q+ 16:07:30 ack markus_sabadello 16:07:35 JennieM has joined #did 16:07:40 present+ 16:07:56 markus_sabadello: if there's a call for EU and APAC calls, that would be a possibility for me 16:08:04 ... when is next week's call? 16:08:10 Wip: it's at 2 am your time 16:08:18 ... it's currently marked as tentative 16:08:36 ... I'm not hearing any strong concerns around cancelling it 16:08:49 ... so I will likely send out a cancellation for that next Tuesday 16:09:16 Topic: DID Resolution PR Updates 16:09:28 https://github.com/w3c/did-resolution/issues?q=is%3Aissue%20state%3Aopen%20label%3Aready-for-pr 16:09:36 Wip: I'd like to very quickly look through the things marked as "ready for PR" 16:09:50 ... if you have anything assigned to you and you're on the call, we could also talk about those 16:09:58 ... and assign the ones which are not yet assigned 16:10:08 ... let's start with the 3 that are not assigned first 16:10:09 subtopic: https://github.com/w3c/did-resolution/issues/109 16:10:24 Wip: first up, I have issue 109 16:10:36 ... markus_sabadello any comments? 16:10:38 q+ 16:10:40 ack markus_sabadello 16:10:44 ... or is anyone able to take this on? 16:10:50 markus_sabadello: that's an easy one 16:11:08 ... if you'd like to get into the commit history, this is a good first issue 16:11:30 swcurran: I'll take it 16:11:39 Wip: k. I'll assign it to you or maybe markus_sabadello can? 16:11:47 subtopic: https://github.com/w3c/did-resolution/issues/61 16:11:51 ... the next one that's ready is 61 16:11:57 q+ 16:12:01 ... service endpoint construction inconsistency 16:12:01 ack markus_sabadello 16:12:07 markus_sabadello: this one is more complicated 16:12:19 ... it has to do with the service parameter 16:12:24 ... and a relative ref parameter 16:12:40 ... they can be used together to point at a service endpoint plus the relative reference 16:13:01 ... someone will have to go through the algorithm and fix the references 16:13:27 ... and if no one wants to, I can assign it to myself 16:13:40 ... but it'd be great to have more contributors 16:13:43 q? 16:14:09 Wip: I agree with markus_sabadello, these issues would be great opportunities to get involved 16:14:15 ... we appreciate help 16:14:32 subtopic: https://github.com/w3c/did-resolution/issues/53 16:14:48 Wip: issue 53 - disallow remote context retrieval 16:14:54 ... this is suggesting a normative statemen 16:15:02 s/statemen/statement 16:15:08 q+ 16:15:13 ack markus_sabadello 16:15:16 ... this is about nor making remote requests for contexts in a production environment 16:15:42 markus_sabadello: this often comes up with any JSON-LD context, that they should be cached to avoid man-in-the-middle attacks 16:16:00 ... there is information in the VC specification that talks about needing to cache contexts 16:16:07 ... so we could add something similar here 16:16:21 ... it could potentially go in the security considerations section 16:16:43 Wip: something like production DID resolvers MUST cache contexts? 16:16:59 ... pretty straightforward, and security considerations seems like a reasonable location 16:17:03 ... any takers? 16:17:33 ... I'll take it 16:17:44 q+ 16:17:48 Wip: I wanted to open the door to JoeAndrieu and swcurran 16:17:54 ack JoeAndrieu 16:18:03 s/swcurran/smccown 16:18:13 Topic: DID Resolution Enhancements 16:18:16 smccown: thanks for the reminder. I'd forgotten 16:18:19 JoeAndrieu: likewise 16:18:29 Wip: we had a bunch of good discussion last week 16:18:32 https://github.com/w3c/did-resolution/issues?q=is%3Aissue%20state%3Aopen%20label%3Aenhancement%20%20sort%3Aupdated-asc 16:18:34 ... and there are about 7 of these left 16:18:42 ... it's in recently updated order 16:18:55 ... the aim of this is to decide as a group if these are extensions 16:19:13 ... and if so, who's going to take on the task of doing the work over there 16:19:30 ... or are these core to the DID specification and we should spend time bringing them into the core specification 16:19:34 subtopic: https://github.com/w3c/did-resolution/issues/38 16:20:12 Wip: should we say that conformant resolvers MUST be public? 16:20:17 JoeAndrieu: I can speak to this real quick 16:20:45 ... there's a concern that if you cannot get to the DID document itself, then whomever is preventing that access becomes the new gate-keeping authority 16:21:16 ... there's a notion that if you can't get to the document, then you don't have the same guarantees that we were trying to create here 16:21:37 q+ 16:21:43 q+ 16:21:45 ack Wip 16:21:46 ... structurally, we sort of have to allow that you may not have the data--whether or not it is part of an authentication scheme 16:21:59 ... these were things we saw in 2019...but not sure it's still a problem now 16:22:08 Wip: I don't think we need to say they are public 16:22:18 q+ 16:22:32 ... if it's a service you're calling, perhaps there's a way to run your own resolver? 16:22:39 ack markus_sabadello 16:23:32 markus_sabadello: do you need to authenticate in order to get the DID document? 16:23:45 ... historically, in this community, the assumption has been that it is publicly avai 16:23:50 s/avai/available 16:24:03 ... because if that were not the case, then there is some amount of centralization 16:24:13 ... but this does come up from time to time 16:24:21 ... issue 79 is related 16:24:30 ... Christopher Alan opened that one 16:24:38 q+ 16:24:44 ... it relates to DIDs within an enterprise or other organization 16:24:48 ack swcurran 16:25:04 swcurran: maybe public is a problematic word here? 16:25:22 +1 "public" is a horrible term 16:25:25 ... did:peer for one is not public, but it does provide it to another peer without authentication 16:25:34 https://blog.joeandrieu.com/2011/04/10/constellations-of-privacy/ 16:25:35 ack JoeAndrieu 16:25:39 ... but it's only shared with the other party that is supposed to be able to resolve it 16:26:04 JoeAndrieu: one clarification 16:26:11 ... it is not a requirement that local resolution be possible 16:26:29 ... some methods do have that as an option, but others do no 16:26:32 s/no/not 16:26:40 q+ 16:26:44 ack markus_sabadello 16:26:51 Wip: should we continue to discuss this one? 16:27:03 markus_sabadello: we should probably get Christopher's opinion 16:27:20 ... or maybe have a special topic call? or dedicate 30 minutes on this topic? 16:27:26 Wip: that's a great idea 16:27:35 ... I'll try to find a good chunk of a call on this topic 16:27:39 subtopic: https://github.com/w3c/did-resolution/issues/7 16:27:56 Wip: this is about supporting DIDs on service endpoints 16:28:06 ... DIDs can be used as service endpoints currently 16:28:18 ... endpoints are URLS, so they can be set to a DID 16:28:33 ... do we need a parameter in the resolution spec that supports redirection? 16:28:37 q+ 16:28:40 ack markus_sabadello 16:28:46 ... so that you can get to the final destination for that service? 16:28:55 markus_sabadello: I remeber that the idea is really useful 16:29:13 ... maybe using a parameter resolver would find the final service endpoint 16:29:22 ... I don't think anyone has actually explored this, however 16:29:28 ... it sounds interesting and useful 16:29:32 ... but no one has used it 16:29:43 ... so I'm not sure it needs to be in the core specification 16:29:55 Wip: so, maybe the redirection piece is an extension? 16:30:22 ... should we be changing any of the specs to show a service endpoint that is a DID? 16:30:27 ... that might be an action here 16:30:37 q+ 16:30:40 markus_sabadello: but if we do an example, we also need to explain what it means and what is possible 16:30:40 ack swcurran 16:31:00 swcurran: my two cents would be to close it and say you can do it, nothing says you can't, but we don't need an example 16:31:13 Wip: good perspective 16:31:17 ... let's move on then 16:31:24 subtopic: https://github.com/w3c/did-resolution/issues/85 16:31:46 Wip: this is about, do we want a parameter on services to find them by type 16:31:59 q+ 16:32:01 ack markus_sabadello 16:32:14 markus_sabadello: it feels like a really useful feature 16:32:27 ... it's very close to the rest of the data model and resolution 16:32:40 ... we already have a way of referencing a service by it's identifier 16:32:41 q+ 16:32:47 ... so adding type seems logical 16:32:48 ack Wip 16:32:52 Wip: thanks, markus_sabadello 16:33:00 ... I think it is a useful thing 16:33:05 q+ to say isn't this dereferencing 16:33:09 ... but where does that lie? is that for the resolver? 16:33:13 ack JoeAndrieu 16:33:13 JoeAndrieu, you wanted to say isn't this dereferencing 16:33:16 ... or the client post resolution? 16:33:26 JoeAndrieu: my comment is very much in that direction 16:33:35 ... this is more about dereferencing than resolution 16:33:45 q+ 16:33:48 ack markus_sabadello 16:33:51 ... because when I do resolution, is the expectation that I'd only get part of the document back? 16:33:57 markus_sabadello: agreed with JoeAndrieu 16:34:04 ... resolution returns the DID document 16:34:14 ... so this would happen after that and be about dereferencing 16:34:29 ... there's another section that talks about different architectural components 16:35:17 Wip: anyone up for championing this issue? 16:35:32 ... the work would about how to define the types 16:35:37 ... and then how to dereference them 16:35:50 markus_sabadello: you can assign it to me 16:35:58 Wip: go for it markus_sabadello, thanks 16:36:05 subtopic: https://github.com/w3c/did-resolution/issues/90 16:36:33 Wip: can one dereference a DID document to a specific verification method 16:36:44 ... do we want this to be standard across all the specifications? 16:36:50 ... we talked about this before 16:37:09 q+ 16:37:11 ... and manu mentioned it was already in the CID specification 16:37:12 ack markus_sabadello 16:37:26 markus_sabadello: I think it's useful and be in the specification 16:37:41 ... we can reference the algorithm in the controlled identifier document specification 16:37:58 ... another thing manu pointed out is whether it should be a parameter 16:38:08 ... which would put it into the URL 16:38:09 Manu may have referred to this: https://www.w3.org/TR/cid-1.0/#retrieve-verification-method 16:38:13 ... or should it be an option 16:38:24 ... in that way it is separate from the URL itself 16:38:32 ... and this case it may be better as an option 16:38:40 Wip: what do others think? 16:39:25 ... my question is why not make it a parameter? 16:39:44 ... not hearing much interest in this one 16:39:54 ... I did open it, but let's leave it for now 16:40:00 subtopic: https://github.com/w3c/did-resolution/issues/66 16:40:20 Wip: this is related to parameters as well 16:40:28 ... things like version and time 16:40:40 ... we might add this to extensions 16:41:02 q+ 16:41:06 ack markus_sabadello 16:41:06 ... but there are questions about option use across all methods 16:41:14 markus_sabadello: I don't think this should be an extension 16:41:26 ... this is already in use by a number of did methods 16:41:46 ... there are use cases where you have `?version_id=` already 16:42:14 ... there is already some text around version parameters and examples in the dereferencing algorithm section 16:42:37 ... we just need to add a few things about what a dereferencer is supposed to do 16:42:51 Wip: I agree, but we don't list these properties in the did metadata section 16:43:02 ... because they're listed in a different section 16:43:10 https://w3c.github.io/did-extensions/resolution/#parameters 16:43:14 ... maybe I misread this 16:43:30 ... some of those parameters are in the core spec, but we also list them in the extensions 16:43:42 ... but in did resolution we list some, which are not in the extensions list 16:43:45 https://w3c.github.io/did-extensions/resolution/#did-resolution-metadata 16:43:49 markus_sabadello: yeah, I think you're right 16:44:01 ... we have some for URLs, but not for resolution 16:44:09 Wip: what I proposed was maybe not quite right 16:44:20 ... I was proposing that they be equivalent spaces 16:44:34 ... but some of these are only applicable for dereferencing 16:44:41 markus_sabadello: and the spec already says that 16:45:06 ... but you could also just resolve the DID and pass the resolution options then 16:45:16 Wip: maybe that's the change? 16:45:24 ... copying the version parameters across 16:45:38 ... I'm happy to take on that change to DID extensions 16:45:52 ... but markus_sabadello it seemed like there was more to explore here? and maybe we need other issues? 16:45:56 markus_sabadello: yes 16:46:30 Wip: I'll take the DID extensions bit on, but then we should come back to the TODOs in the specification 16:46:35 subtopic: https://github.com/w3c/did-resolution/issues/59 16:46:36 ... k. we have 2 more 16:46:57 Wip: I believe this issue is around asking that one only wants certain things back 16:47:04 ... do you want all or some of the metadata, etc. 16:47:05 q+ 16:47:11 ack markus_sabadello 16:47:28 markus_sabadello: this is about getting a result 16:47:36 ... do you want the document and the metadata or just the document? 16:47:44 ... to some extent this is possible already 16:47:54 ... you can do this with Accept headers and content negotiation 16:48:09 ... you could get just the DID document or also include the metadata 16:48:22 ... I had a conversation earlier around linked resources 16:48:30 ... situations where you can reference images, etc. 16:48:43 ... is there a way to just return the content? or just the metadata? or both? 16:48:50 ... and what would be the mechanisms for doing that? 16:49:02 q+ to say this is dereferencing, not resolution 16:49:06 ... the way it is right now with media types seems straightforward 16:49:18 ... I asked a coworker to post about this if it was still needed 16:49:23 ack JoeAndrieu 16:49:23 JoeAndrieu, you wanted to say this is dereferencing, not resolution 16:49:24 ... so maybe we wait for that comment 16:49:29 Wip: and we can mark it pending closed 16:49:44 JoeAndrieu: it seems to me that resolution would always be the whole document 16:49:56 ... and in dereferencing you could use a subset 16:50:09 Wip: I think this is slightly different because of the metadata 16:50:26 JoeAndrieu: yes, but you never get back a subset of the did document 16:50:36 Wip: right. I don't think that is what this issue is asking for 16:50:48 ... either way JoeAndrieu you sound aligned with this pending closed plan 16:50:57 JoeAndrieu: yeah. I was imagining this was something else 16:51:11 Wip: markus_sabadello maybe you can talk to the other person about providing more detail? 16:51:13 markus_sabadello: yes 16:51:14 subtopic: https://github.com/w3c/did-resolution/issues/5 16:51:26 Wip: this is about how do we handle deactivated dids 16:51:29 q+ 16:51:34 ack markus_sabadello 16:51:46 markus_sabadello: we discussed this a couple weeks ago 16:51:54 ... there's been a few more thoughts since then 16:52:17 ... if a DID is deactivated and then you try to resolve it, what happens 16:52:37 ... currently, you just get info that it was deactivated, but you do not get the DID document 16:52:54 ... but there's been discussion about returning the document if explicitly asked 16:53:01 ... but some DID methods do not support that 16:53:14 ... if the document is deactivated, it's the same as if it never existed 16:53:29 ... so we need to review what we say about this currently 16:53:36 ... and decide if anything needs changing 16:53:37 q+ 16:53:40 ack JoeAndrieu 16:53:50 JoeAndrieu: I'm confused by what we think we're allowed to say 16:54:03 ... DID core makes a clear distinction between revoked and not revoked 16:54:11 ... I don't think we get to say you don't have to do that 16:54:12 q+ 16:54:16 ack markus_sabadello 16:54:41 Wip: part of the discussion is that if the resolver comes across a deactivated did, what should they respond with? 16:54:50 ... just the metadata? or the document? 16:55:00 markus_sabadello: current spec says quite clearly what should happen 16:55:06 ... and it is not up to the methods 16:55:19 ... the core spec says you only get the metadata back with `deactivated: true` 16:55:32 ... if you use an HTTPS binding, then it gets a 406 error 16:55:53 q+ to talk about the did document when deactivated 16:55:59 ... maybe there is a point to providing more information about this scenario 16:56:00 ack JoeAndrieu 16:56:00 JoeAndrieu, you wanted to talk about the did document when deactivated 16:56:08 ... but I don't believe it is up to the methods 16:56:31 JoeAndrieu: we have had a conversation around whether there is a thing called a DID document once it's deactivated 16:56:40 ... you could potentially ask for an earlier time state 16:57:02 ... but if you request a deactivated DID, the result is that it should not be there 16:57:11 ... I don't think methods can ignore that 16:57:27 Wip: maybe this is just about an extension? 16:57:35 ... so, let's move to comments in the issue 16:57:44 ... k. I think that's a wap 16:58:01 ... next week, probably not going to have a call 16:58:06 ... I'll let you know on Tuesday 16:58:10 ... talk soon 16:58:20 ... thanks, bigbluehat for scribing. 16:58:57 JoeAndrieu, https://www.w3.org/TR/did-1.0/#dfn-deactivated makes me think that there *can* be a DID document for a deactivated DID... 17:00:50 RRSAgent, make minutes 17:00:51 I have made the request to generate https://www.w3.org/2025/01/30-did-minutes.html pchampin 17:01:01 pchampin: doesn't look like that says anything about the document itself, only the metadata 17:02:34 s/pchampin: doesn't/ pchampin, doesn't 17:02:50 present+ JoeAndrieu 17:02:52 RRSAgent, make minutes 17:02:53 I have made the request to generate https://www.w3.org/2025/01/30-did-minutes.html pchampin