w3c-ccg / did-spec

Please see README.md for latest version being developed by W3C DID WG.
https://w3c.github.io/did-core/

[DID Subject] The concept of the DID Subject is redundant, confusing, and I believe unnecessary #139

Closed mwherman2000 closed 5 years ago

mwherman2000 commented 5 years ago

In https://w3c-ccg.github.io/did-spec/#did-subject, it states...

The DID subject is the identifier that the DID Document is about, i.e., it is the DID described by DID Document. The rules for a DID subject are:

  • A DID Document MUST have exactly one DID subject.
  • The key for this property MUST be id.
  • The value of this key MUST be a valid DID.
  • When this DID Document is registered with the target distributed ledger or network, the registered DID MUST match this DID subject value.

Example:

EXAMPLE 4 { "id": "did:example:21tDAKCERh95uGgKbJNHYp" }

I believe "DID Subject" is an unnecessary, extra concept that can be removed from the draft specification. It appears to be just another name for the "id (DID)" property which already carries 1 extra name (i.e. the "DID").

Why is a third name for the same concept (e.g. id, DID and now Subject) necessary?

The concept of the DID Subject is confusing, redundant, and I believe unnecessary - and hence, should be removed from the draft spec (everywhere).

NOTE: If section https://w3c-ccg.github.io/did-spec/#did-subject is deleted, Example 4 needs to be moved elsewhere in the draft DID spec as it is the only representation of the "world's simplest" DID document (which needs to be kept in the spec).

Principle: #lessismore

Cross referenced with issue: https://github.com/w3c-ccg/did-spec/issues/115

Reference: Hyperledger Indy/Sovrin Comprehensive Architecture Reference Model (INDY ARM) - latest version - bullets (12) thru (16) in both the diagram, Narration, and principles
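The four DID subject rules quoted from the spec in the comment above can be checked mechanically. The following is an added example, not part of the thread or of the spec's own code: `check_did_subject`, `JsonObject` and the simplified `DID_RE` pattern are hypothetical names and assumptions, and the sample documents other than Example 4 are constructed.

```python
import json
import re

# Simplified DID syntax (an assumption for this example, not the spec's ABNF):
# "did:" + lowercase method name + ":" + method-specific identifier.
DID_RE = re.compile(r"did:[a-z0-9]+:[A-Za-z0-9._:-]+")


class JsonObject(list):
    """A JSON object kept as (key, value) pairs so duplicate keys survive parsing."""


def check_did_subject(raw_document, registered_did):
    """Return a list of rule violations; an empty list means the rules hold."""
    try:
        # A plain json.loads() silently keeps only the last duplicate key,
        # which would hide a second "id"; the hook preserves every pair.
        doc = json.loads(raw_document, object_pairs_hook=JsonObject)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    if not isinstance(doc, JsonObject):
        return ["DID Document must be a JSON object"]

    # Rules 1 and 2: exactly one DID subject, carried by the top-level "id" key.
    # Nested "id" members (for example inside key entries) are not counted.
    ids = [value for key, value in doc if key == "id"]
    if len(ids) != 1:
        return [f"expected exactly one top-level id, found {len(ids)}"]

    subject = ids[0]
    # Rule 3: the value must be a valid DID.
    if not isinstance(subject, str) or not DID_RE.fullmatch(subject):
        return ["id is not a valid DID"]
    # Rule 4: the registered DID must match the DID subject value.
    if subject != registered_did:
        return ["id does not match the registered DID"]
    return []


# Example 4 from the spec text quoted above.
SIMPLEST = '{"id": "did:example:21tDAKCERh95uGgKbJNHYp"}'
# Constructed samples.
DUPLICATE = '{"id": "did:example:aaa", "id": "did:example:bbb"}'
NESTED = '{"id": "did:example:abc", "publicKey": [{"id": "did:example:abc#keys-1"}]}'

if __name__ == "__main__":
    for sample in (SIMPLEST, DUPLICATE, NESTED):
        print(check_did_subject(sample, "did:example:21tDAKCERh95uGgKbJNHYp"))
```
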

mwherman2000 commented 5 years ago

I believe (but may be wrong) that Subject is a higher-level concept that belongs to the concept of a Verifiable Credential ...and doesn't need to/shouldn't belong in the DID specification.

Reference: https://w3c.github.io/webpayments-ig/VCTF/architecture/

rhiaro commented 5 years ago

The DID subject is the thing the DID (decentralized identifier) identifies. Hopefully this is clarified by https://github.com/w3c-ccg/did-spec/commit/418ab1b38c6d35b9a7544da75de9799630780830 and https://github.com/w3c-ccg/did-spec/commit/776406cf4e4658a622308489775293be1db14556.

mwherman2000 commented 5 years ago

FYI: I'll have to take another look at the whole text of the DID spec once all of these changes settle out. It's hard to tell from just the change logs.

rhiaro commented 5 years ago

@mwherman2000 certainly, and I will be doing more work on the introductory sections (there are still open issues around that) and then a full run through the whole spec, and will let you know when that feels ready for you to go through as a whole.

talltree commented 5 years ago

Michael, just to clarify, the recommendation of the DID spec team that met at RWOT was very simple:

  1. Define the "resource identified by a DID" once and for all as the "DID Subject" (which is parallel to both the term used by Verifiable Credentials and by RDF).
  2. Use that term uniformly 100% of the places in the spec that need to refer to "the resource identified by a DID".

That should eliminate any confusion or ambiguity about this term.

On Sun, Mar 3, 2019 at 6:14 PM Michael Herman (Toronto) < notifications@github.com> wrote:

FYI: I'll have to take another look at the whole text of the DID spec once all of these changes settle out. It's hard to tell from just the change logs.


mwherman2000 commented 5 years ago

RE: 1. Define the "resource identified by a DID" once and for all as the "DID Subject" (which is parallel to both the term used by Verifiable Credentials and by RDF).

@talltree I'm not sure your definition is "100%". Please check out this scenario: https://github.com/w3c-ccg/did-spec/issues/174

talltree commented 5 years ago

@mwherman2000 I checked out #174 and, unless I'm missing something, it contains a logical tautology. The diagram classifies Alice as a DID Subject, and then it says that Alice does not have a DID.

By definition, a DID Subject is the resource identified by a DID. So therefore if a resource (which per the definition in section 1.1 of RFC 3986 is "anything that can be identified") does not have a DID, then that resource is not a DID Subject.

Now, two clarifications. First, whether a specific resource is a DID Subject applies only to a specific DID. Meaning that a resource (such as a person like Alice) may be a DID Subject in 1000 different contexts (i.e., she is identified by a DID in all of those contexts). But in context 1001, if Alice is NOT identified with a DID, then in context 1001, Alice is NOT a DID Subject.

Secondly, being a DID Subject does not imply anything about the method of the DID used to identify the DID Subject. #174 seems to imply that all DIDs must be registered in a public or widely accessible Verifiable Data Registry. However that is not a requirement of a DID method. For example, a DID method may be pairwise pseudonymous, i.e., shared with only a single peer, as described in did:peer:, a DID method being developed specifically for this purpose.

Net net: I don't think that anything I see in #174 changes the definition that a DID subject is the resource identified by a DID.