Closed brianorwhatever closed 2 months ago
Question: Given that the scid
can appear in multiple places in the id
string (the DID) do we need to call out the scid
so that the SCID verification can be deterministically completed? Or can we extract the scid
from the id
in a reliable way?
Question: Given that the
scid
can appear in multiple places in theid
string (the DID) do we need to call out thescid
so that the SCID verification can be deterministically completed? Or can we extract thescid
from theid
in a reliable way?
I think that it should always be the last component of the method-specific ID, then the resolution process is straightforward:
I think that it should always be the last component of the method-specific ID, then the resolution process is straightforward:
I disagree is it adds yet another artificial enforced constraint to be different than did:web
. The closer we get to did:web
the better. So — did:tdw:<scid>.cloudcompass.ca
should be allowed. As should did:tdw:cloudcompass.ca:<scid>
. The DID URL to HTTPS URL rules should be identical to did:web
except that there MUST be a SCID in the DID.
I think that implies that for did:tdw:cloudcompass.ca:<scid>
the DID history will be in https://cloudcompass.ca/<scid>/
and not in .well-known
, for consistency with did:web. But I don't see why we need that.
I think we totally need that. I can see that using did:tdw:cloudcompass.ca:dids:<scid>
for all of my DIDs (of different purposes), that I store inhttps://cloudcompass.ca/dids/<scid>/
. For example, a company might have DIDs for the products in products/<scid>
.
I ended up putting a scid
param into the first log line I think it's a clean solution that allows flexiblity. Other than that the only difference I think I have to the original post here is I'm not using the empty string for the previousHash of the first line I'm using the genesis doc hash. See https://github.com/bcgov/didwebnext/pull/18#discussion_r1542362667
@brianorwhatever -- can you please add the Proof implementation to the initial description above?
Will do.
@andrewwhitehead are you ok with putting the scid
into the possible params?
Yup I'll update mine to add the scid as a parameter and adjust the previousHash.
This has been included in the spec now
The following was pulled in from here
Proposed DID history format
The history consists of a set of JSON-formatted arrays. Each line is in the format:
Within each line the properties are as follows:
version hash
version ID
timestamp
params
data
proofs
Parameters
There is currently 2 supported parameters.
method
scid
hash
The first line of the history must establish these parameters.
Example (parameters only):
Data updates
Each data update contains one of:
value
patch
Examples (data only):
The first line of the history must contain a
value
property.Version hash calculation
last hash
. For the first line, use the empty string ("").hash(JCS([last hash, version ID, timestamp, params, data]))
base32lower(digest)
Example:
Proofs
Data integrity proofs (cryptosuite TBD) are created with an
authentication
purpose, including the version hash as a challenge and using the new state of the document. The proofs are extracted from the signed document and included in the log entry. These are injected back into the document asproof
when verifying the log entry.Example:
Full example
(With invalid hashes)