decentralized-identity / edv-spec

Encrypted Data Vault Spec
https://identity.foundation/edv-spec
Apache License 2.0
13 stars 5 forks source link

Multiple parallel requests #4

Open troyronda opened 3 years ago

troyronda commented 3 years ago

As discussed in the EDV WG call, we would like to create and update several documents to a backing EDV from a Web Wallet while minimizing user visible latency (and server overhead). In general terms, we want to perform those operations in bulk.

The authorization scheme is ZCAPs and HTTP signatures. i.e., each HTTP call to the EDV is signed. The Web Wallet runs in the browser and leverages a KMS server to protect signing keys.

Solutions Discussed:

The explicit Bulk API addresses the problem by reducing the number of calls (and, hence, signatures, round-trips, and overhead). The EDV server is also explicitly aware of the bulk nature of the operations (and may choose to more directly treat them as bulk to its own backend).

Without an explicit Bulk API, the mentioned strategy is:

This non-explicit strategy also raises the topic about handling the requirement for HTTP/2 in the spec.

dmitrizagidulin commented 3 years ago

Discussed on the May 27, 2021 call.

Next steps: Issue stays open (as long as the 'at risk' link mentions it, in the spec).

Question: How should the group decide, long-term, whether a batch API is necessary, or if the parallel request use case can be solved in other ways?

DRK3 commented 3 years ago

Another item to discuss eventually is the operation syntax