14:55:53 RRSAgent has joined #did 14:55:58 logging to https://www.w3.org/2025/09/18-did-irc 14:56:07 rrsagent, draft minutes 14:56:08 I have made the request to generate https://www.w3.org/2025/09/18-did-minutes.html Wip 14:56:10 rrsagent, make logs public 14:56:15 Meeting: Decentralized Identifier Working Group 14:56:18 Chair: Wip 14:56:21 Agenda: https://lists.w3.org/Archives/Public/public-did-wg/2025Sep/0006.html 14:56:25 present+ 15:00:37 KevinDean has joined #did 15:00:46 present+ 15:01:18 present+ 15:02:15 TallTed has joined #did 15:03:26 swcurran has joined #did 15:03:27 markus_sabadello has joined #did 15:03:50 present+ 15:04:57 denkeni has joined #did 15:04:57 present+ 15:05:03 bigbluehat has joined #did 15:05:22 present+ 15:05:22 Topic: Agenda Review 15:05:23 present+ 15:05:23 scribe+ 15:05:34 present+ 15:05:52 Wip: quick announcement, agenda review, and then some issues and PRs 15:05:59 q+ 15:06:02 ack manu 15:06:12 ... I didn't leave time for DID Core... Manu? 15:06:28 manu: just a few things on that. Horizontal review, etc. Just a few minutes probably 15:06:31 Topic: Announcement about Affiliation 15:06:53 Wip: I'm no longer formerly representing DCD on these calls. 15:07:06 q+ 15:07:06 ... I'll be representing Legendary Requirements going forward 15:07:19 ack ivan 15:07:25 ... I plan to continue chairing this group for the foreseeable future 15:07:39 ivan: formally, you have to be reappointed as a chair with the change of affiliation 15:07:57 ... mostly pchampin can take care of that...but it does have to be done. 15:08:08 JoeAndrieu has joined #did 15:08:22 pchampin: I will start the process to get you reappointed, Wip 15:08:24 q? 15:08:31 Topic: DID Core 15:09:05 manu: I prepared a 1.1 draft 15:09:08 CR-ready DRAFT has been created: https://lists.w3.org/Archives/Public/public-did-wg/2025Sep/0005.html 15:09:29 manu: I've sent an announcement email 15:09:39 ... this is the first CR ready thing 15:09:45 ... changes are reflected in the version history and in the spec 15:09:54 ... the implementation report is also ready for 1.1 15:10:04 ... this includes 1.0 and 1.1 tests 15:10:26 JennieM has joined #did 15:10:28 present+ 15:10:30 ... ivan, I have not done the Quad comparison between 1.0 and 1.1 15:10:37 ... those should match, if they don't, I'll fix it 15:10:46 ... our privacy review has been completed 15:10:50 ... they've signed off on 1.1 15:11:00 ... they did raise one issue that we cannot address in our current charter 15:11:18 ... there's a request to improve the review criteria 15:11:22 ... that'd be a class 4 change 15:11:29 ... which is blocked by a recharter need 15:11:43 ... pchampin there's one in here for finalizing the context files pre-req 15:11:43 q+ about registry 15:11:47 q+ to ask about registry 15:12:06 ... staff and chairs will need to sort out timing 15:12:08 ack JoeAndrieu 15:12:08 JoeAndrieu, you wanted to ask about registry 15:12:11 ... but everything is preparred 15:12:29 JoeAndrieu: question for manu about the class 4 changes 15:12:41 manu: Kyle wants us to change the specification text 15:13:13 ... basically, Kyle wants us to tighten the MUST statements up around DID Methods 15:13:30 ... mostly because some of the methods don't have good security sections 15:13:33 q+ 15:13:45 ... and other folks have raised issues around certain methods being aggressively centralized 15:13:50 q- about 15:13:52 ... did that put more context around it? 15:13:55 q- registry 15:13:58 ack JoeAndrieu 15:14:08 JoeAndrieu: we do have control over the registry 15:14:15 q+ 15:14:17 ... and we could raise the bar on getting into the registry 15:14:19 ack manu 15:14:22 ... regardless of the spec text 15:14:33 manu: we could, but I'm a bit concerned about adding that at the end of the charter 15:14:41 ... vs. putting our time into DID Resolution 15:14:50 ... mostly, I'm not sure we have bandwidth 15:14:59 q+ 15:15:03 JoeAndrieu: technically, we do have the need to define these rules for the registry anyway 15:15:04 ack Wip 15:15:15 ... so maybe we can better express these needs in that activity 15:15:28 Wip: we did take that work on, but agreed we may not have time to do it 15:15:47 ... right now, I'm feeling a bit nervous about getting DID Resolution through in time 15:15:54 q+ 15:15:57 ... but if people have time to push these other things forwards, that's also fine 15:15:59 ack manu 15:16:24 manu: I don't think there's anything stopping anyone from doing a PR for that registry change 15:16:31 ... but I plan to focus on DID Resolution 15:16:41 ... maybe JoeAndrieu , you can address it along with Kyle's concerns? 15:16:50 JoeAndrieu: yeah...I've got threat modeling I'm doing 15:16:50 present+ 15:16:59 ... unfortunately, I can't sign up the way I want to 15:17:05 ... but I take the point about the need for the work 15:17:08 q? 15:17:27 Wip: k. I think we're just waiting on other horizontal reviews then 15:17:32 manu: could we do a resolution today? 15:17:45 ... it would basically say, we're ready to publish once the horizontal reviews are in 15:17:49 ... could we get that on the books? 15:17:56 ... I think I set it as 2 weeks after TPAC 15:18:06 Wip: isn't that Thanksgiving? 15:18:13 manu: I tried to avoid that... 15:18:23 Wip: does W3M schedules effect this? 15:18:28 manu: it does. We could say ASAP 15:18:34 Wip: anyone objecting to that? 15:19:21 ivan: our webmaster is not in the US, so Thanksgiving may not be an issue for publication 15:19:21 markus_sabadello has joined #did 15:19:38 scribe+ 15:20:39 +1 to Manu's clarification 15:20:51 JoeAndrieu: will we need another resolution if changes are made after horizontal review? 15:20:54 q+ 15:21:07 ack ivan 15:21:24 manu: if some WG participants object to publish it after such changes, we will take another resolution 15:21:53 pdl has joined #did 15:22:19 q? 15:22:20 ivan: this should not be a problem; 15:22:21 ... if the horizontal review provide comment, that will prevent us from going to REC, but we can publish a new CR snapshot after the first one 15:22:33 PROPOSAL: Publish the DID v1.1 specification (https://w3c.github.io/did/transitions/2025/CR/) as a Candidate Recommendation Snapshot after the Horizontal Review is complete with a target publication date towards the end of November. 15:22:37 +1 15:22:37 +1 15:22:40 +1 15:22:40 +1 15:22:40 +1 15:22:40 +1 15:22:42 +1 15:22:42 +1 15:22:47 +1 15:22:58 +1 15:23:01 RESOLVED: Publish the DID v1.1 specification (https://w3c.github.io/did/transitions/2025/CR/) as a Candidate Recommendation Snapshot after the Horizontal Review is complete with a target publication date towards the end of November. 15:23:25 Topic: DID Resolution Horizontal Review 15:23:55 Wip: same questions for DID Resolutions; what do we need to bring DID Resolution to CR? 15:24:01 https://github.com/w3c/did-resolution/issues?q=is%3Aissue%20state%3Aopen%20label%3ATAG 15:24:06 ... we need to complete the Security review, Privacy review, TAG review 15:24:26 subtopic: https://github.com/w3c/did-resolution/issues/185 15:24:33 https://github.com/w3c/did-resolution/pull/194 15:24:55 Wip: markus_sabadello already reviewed this; we can discuss it here 15:25:05 ... my goal is to have TAG review by the end of the month 15:25:31 q? 15:25:45 ... Contrarily to DID core, this is a brand new spec, so we want to give those groups enough time to review. 15:25:47 subtopic: https://github.com/w3c/did-resolution/issues/191 15:26:21 Wip: this one is currently not assigned to anyone. Is anyone willing to take it? 15:26:21 q+ 15:26:21 ... There is a link to the questionnaire. 15:26:21 q+ 15:26:23 ack markus_sabadello 15:26:41 markus_sabadello: I think I said I would do it. I should have time. 15:26:48 ack JoeAndrieu 15:26:53 q- 15:26:54 Wip: thank you. Please self assign. 15:27:18 TallTed: things are shifting. Not sure this questionnaire is what the group is now looking for. 15:27:37 ... The other side is a threat-model based Security consideration section. But this is not yet well defined. 15:27:43 smccown has joined #did 15:27:59 Wip: currently, the documentation says to fill in that questionnaire. 15:28:08 .. We are just getting the process started. 15:28:14 present+ 15:28:15 I just joined, so I didn't get it all, but I'd be happy to help with the privacy questionnaire 15:28:16 s/.. We/... We 15:28:20 subtopic: https://github.com/w3c/did-resolution/issues/92 15:28:41 Wip: sorry about yesterday, I didn't feel I had enough done to warrant taking time on a call. 15:28:54 ... I have done some work on the test suite. 15:29:09 ... I have a handful of tests, now waiting for DIDs to be passed in. 15:29:20 https://github.com/w3c-ccg/vc-test-suite-implementations/blob/main/implementations/DIF.json 15:29:50 q+ 15:29:53 ack manu 15:29:55 ... Are there any implemeters of resolver here (or that we know of) who could submit things? 15:30:09 manu: we intend to submit one, but we have a big backlog. 15:30:24 q+ to say we should try to get Shaun Conway's Ixo implementation, but I don't know if they have https 15:30:26 ... We have the resolution software, only not yet the HTTP binding. 15:30:29 ack JoeAndrieu 15:30:29 JoeAndrieu, you wanted to say we should try to get Shaun Conway's Ixo implementation, but I don't know if they have https 15:30:43 JoeAndrieu: I will try to get Sean Conway's implementation. 15:31:06 ... I don't think their implementation is up to speed with our HTTPS approach. 15:31:19 Wip: anyone else we should be reaching out to? 15:31:34 JoeAndrieu: I will raise it to DCD to BTCR2. 15:32:19 manu: we don't formally need to have a test suite, the requirement is to have two independent implementations for each features. 15:32:43 s/I will raise it to DCD to BTCR2/We should ask DCD for a BTCR2 resolver/ 15:32:45 +1 to manu 15:32:48 ... We determine this. Of course a test suite is a good idea to do it. 15:32:56 ... But that's not blocking us for going to CR. 15:33:18 Topic: Error codes for unsupported DID features 15:33:23 https://github.com/w3c/did-resolution/issues/190 15:33:47 q+ 15:33:53 ack JoeAndrieu 15:34:34 JoeAndrieu: it may be that a resolver does not support a specific method, but it is still a valid DID. 15:35:01 Wip: this is a relatively simple change in the spec. If anybody could propose a PR... 15:35:21 q+ 15:35:24 ack markus_sabadello 15:35:32 JoeAndrieu: I like markus_sabadello's suggestion in the thread. 15:35:48 q+ 15:35:52 markus_sabadello: there is already an error code "Method not supported", and "Unsupported public key type" 15:36:00 s/specific method/specific feature 15:36:05 ack Wip 15:36:09 ... I'll put it also as a comment in there. 15:36:41 Wip: there are probably a few other error kinds that will bubble up with implementation experience 15:37:03 q+ 15:37:06 q+ 15:37:10 ack manu 15:37:11 JoeAndrieu: should there be a registry of common error codes across did methods? 15:37:25 ... This looks similar to common properties. 15:37:42 manu: you could view it as such, but I'm not sure we need this. 15:37:51 https://www.w3.org/TR/did-extensions-resolution/#error 15:38:02 ... People can currently use URLs for error codes, which is pretty decentralized. 15:38:10 ack markus_sabadello 15:38:23 ... Actually, we do define error codes in a vocabulary. We just don't put them in did-extensions. 15:38:41 markus_sabadello: there are already extension error codes that are not in the spec. 15:38:49 ... We may have to update the registry. 15:38:54 Topic: DID Resolution PR Processing 15:38:57 https://github.com/w3c/did-resolution/pulls 15:39:14 subtopic: https://github.com/w3c/did-resolution/pull/182 15:40:07 q+ 15:40:08 q+ to ask about conformance class 15:40:11 ack TallTed 15:40:45 TallTed: this PR confuses me. I made a comment to replace "remote DID resolver" to "resolver of remote DID". 15:40:51 ack JoeAndrieu 15:40:51 JoeAndrieu, you wanted to ask about conformance class 15:40:54 q+ 15:40:55 +1 15:41:00 q+ 15:41:21 q- 15:41:40 JoeAndrieu: TallTed's comment made me realize that we are defining conformance classes. 15:41:56 ack markus_sabadello 15:42:06 ... Maybe that's how we should explain it, and "remote" should indeed apply to the resolver. 15:42:36 markus_sabadello: I also find in the title of the issue confusing 15:42:55 q+ 15:42:57 ... "https binding" is about how the client interacts with the resolver, not how the resolver interacts with other components 15:43:05 ack JoeAndrieu 15:43:23 JoeAndrieu: we need to figure out where to say that we have 2 conformance classes, and how to define them. 15:43:32 ... Probably in this PR, but not in this section. 15:43:34 Seems like it should go here https://w3c.github.io/did-resolution/#conformance 15:43:44 ... But we do need to define "remore resolver" 15:44:53 subtopic: https://github.com/w3c/did-resolution/pull/183 15:45:12 i|subtopic|Wip: [comment about two conformance classes] I'll add a comment in the issue for otto 15:45:15 s/remore/remote/ 15:45:30 q? 15:45:33 Wip: anyone having concerns about this PR? 15:45:44 subtopic: https://github.com/w3c/did-resolution/pull/192 15:46:01 Wip: another one from Otto, also about binding. 15:46:31 markus_sabadello: it is about adding a POST binding, which we don't have right now. 15:46:36 ... I think it is fine. 15:46:59 ... It goes together with PR w3c/did-resolution#196 which I submitted. 15:47:12 subtopic: https://github.com/w3c/did-resolution/pull/196 15:47:43 markus_sabadello: I try to define of how the POST interface would work: 15:47:55 ... how you construct the URL, what to put in the headers, in the body. 15:48:14 Wip: review wanted on these PRs. 15:48:34 ... Also the OpenAPI YAML needs to be updated. 15:48:37 markus_sabadello: yes 15:48:44 Topic: DID Resolution Issue Processing 15:49:08 subtopic: https://github.com/w3c/did-resolution/issues/163 15:49:20 i|subtopic|Wip: we have 33 open issues, quite a few of them related to Horizontal Review, and threat modeling 15:49:58 q+ 15:49:58 Wip: we are currently stating that a DID document SHOULD include a 'created' property. 15:50:06 ... In some cases it will be made up. 15:50:06 ack markus_sabadello 15:50:27 markus_sabadello: I created a PR related to this issue, which has been merged. 15:50:46 ... It was reorganizing some sections about metadata but I didn't feel it addressed the main topic of this issue. 15:50:58 ... The 'created' property is sometimes verifiable, sometimes self-attested. 15:51:21 ... There is some language in the spec about this: what's the source of the metadata? 15:51:30 q+ 15:51:33 ... Built into the DID method? Something the controller can influence? 15:51:40 ... Maybe we need more of this. 15:51:45 q+ to mention self-attested metadata seems oxymoronic 15:51:58 ack Wip 15:52:17 Wip: I was thinking about this from the perspective of did:ptcr2 15:52:44 ack JoeAndrieu 15:52:44 JoeAndrieu, you wanted to mention self-attested metadata seems oxymoronic 15:52:52 ... In this case, the DID resolver would probably ignore the SHOULD, it has no way to derive the information. 15:53:13 JoeAndrieu: I'm good with the language SHOULD; it allows for some methods to not provide it if they have good reasons. 15:53:29 ... That said, a more conceptual question confuses me, about self-attested properties. 15:53:44 q+ 15:53:50 ack markus_sabadello 15:53:57 ... We don't have a way in BTCR2 to allow the controller to put such metadata in the document, so the self-attested idea does not fit here. 15:54:29 markus_sabadello: this came up with did:web, where self-attested metadata about the DID document can be added. 15:54:43 ... You would not trust these values very much, but that would be compliant. 15:55:05 q+ 15:55:08 ack Wip 15:55:15 ... If you compare this to fully blockchain-based DID methods, with verifiable timestamps... this is what this text is about. 15:55:27 ... To allow variations across implementations. 15:55:37 +1 for what is basically a published "sidecar" style metadata like the DID Loge Entry in webvh 15:56:01 subtopic: Other issues 15:56:17 Wip: 3-4 other issues are about the path. 3-4 are about the threat model. 15:56:38 RRSAgent, make minutes 15:56:39 I have made the request to generate https://www.w3.org/2025/09/18-did-minutes.html pchampin 15:57:36 present+ ivan 15:57:42 present+ JoeAndrieu 15:57:45 present+ markus_sabadello 15:57:45 RRSAgent, make minutes 15:57:47 I have made the request to generate https://www.w3.org/2025/09/18-did-minutes.html pchampin 15:58:11 m2gbot, link issues with transcript 15:58:12 comment created: https://github.com/w3c/did-resolution/issues/185#issuecomment-3308284665 15:58:13 comment created: https://github.com/w3c/did-resolution/pull/194#issuecomment-3308284736 15:58:14 comment created: https://github.com/w3c/did-resolution/issues/191#issuecomment-3308284837 15:58:15 comment created: https://github.com/w3c/did-resolution/issues/92#issuecomment-3308284959 15:58:16 comment created: https://github.com/w3c/did-resolution/issues/190#issuecomment-3308285098 15:58:17 comment created: https://github.com/w3c/did-resolution/pull/182#issuecomment-3308285221 15:58:18 comment created: https://github.com/w3c/did-resolution/pull/183#issuecomment-3308285345 15:58:19 comment created: https://github.com/w3c/did-resolution/pull/192#issuecomment-3308285423 15:58:20 comment created: https://github.com/w3c/did-resolution/pull/196#issuecomment-3308285540 15:58:21 comment created: https://github.com/w3c/did-resolution/issues/163#issuecomment-3308285626 16:51:23 brent has joined #did 16:58:33 Zakim, end meeting 16:58:33 As of this point the attendees have been Wip, KevinDean, pchampin, swcurran, manu, denkeni, bigbluehat, JennieM, TallTed, smccown, ivan, JoeAndrieu, markus_sabadello 16:58:37 RRSAgent, please draft minutes 16:58:38 I have made the request to generate https://www.w3.org/2025/09/18-did-minutes.html Zakim 16:58:44 I am happy to have been of service, TallTed; please remember to excuse RRSAgent. Goodbye 16:58:44 Zakim has left #did 16:58:44 RRSAgent, bye 16:58:44 I see no action items