Character limitations for object-type-identifier

[c2bo]

The spec and the indy implementation allow for the unique names of the different objects (schema, creddef, revreg..) to basically use everything that a string would allow. Every npdb in the spec could contain characters that would be breaking for DID URLs like spaces.

If I understand the indy-node implementation correctly, then right now there are no limitations regarding the name apart from the size - see types.py:

class SchemaField(MessageValidator):
    schema = (
        (SCHEMA_NAME, LimitedLengthStringField(max_length=NAME_FIELD_LIMIT)),
        [...]

To solve this, we could

• Create some limitations regarding the object-type-identifier (e.g. referencing https://www.ietf.org/rfc/rfc1738.txt / https://datatracker.ietf.org/doc/html/rfc3986)
• Clarify that URL encoding/decoding must be used (and encourage the use of safe characters?)

Enforcing limitations would be a breaking change with the current implementation, this probably would need to be done in a way to only enforce this for the creation of new objects and still allow "old" names to be resolved.

My opinion would be to at least strongly encourage not using special characters for names or completely limit to something like `0-9, a-z, "-", "_", "." for fields like npdb in the spec.

[c2bo]

After some discussion in the did:indy call on 8th of March, we decided to go with option 2: Use URL encoding without breaking changes to the indy implementation. I will create a PR with some clarifications for the relevant text parts in the spec.