Closed msporny closed 3 years ago
@msporny the most significant nit is with the first part of the text. Shouldn't it say something like: "Given the equivalentId
and canonicalId
properties are determined by and within Methods themselves, they are subject to the same security guarantees a Method provides for the resolved ID itself, namely: if you trust a Method to properly resolve IDs in general, you trust the resolution of the IDs in these properties. The alsoKnownAs
property is not Method-secured or guaranteed by Methods to be an accurate statement of equivalence by the controller of the resolved ID, thus they cannot be immediately relied upon without some Method-external validation procedure."
@msporny the most significant nit is with the first part of the text. Shouldn't it say something like: "Given the
equivalentId
andcanonicalId
properties are determined by and within Methods themselves, they are subject to the same security guarantees a Method provides for the resolved ID itself, namely: if you trust a Method to properly resolve IDs in general, you trust the resolution of the IDs in these properties. ThealsoKnownAs
property is not Method-secured or guaranteed by Methods to be an accurate statement of equivalence by the controller of the resolved ID, thus they cannot be immediately relied upon without some Method-external validation procedure."
Yes, I'd be fine w/ language to that effect. Please simplify it to a high school reading level -- that's what these editorial passes are about. It takes quite a bit of effort to parse your statement above... it's has a lot of embellishment in it... please try to strip it down to its most basic components/statements.
How about this: "Given the equivalentId and canonicalId properties are determined by Methods themselves, the same security and accuracy guarantees that apply to the resolved ID present in the id
field of a DID Document also apply to these properties. The alsoKnownAs
property is not guaranteed to be an accurate statement of equivalence, and should not be relied upon without performing validation steps beyond the resolution of the DID Document."
How about this: "Given the equivalentId and canonicalId properties are determined by Methods themselves, the same security and accuracy guarantees that apply to the resolved ID present in the
id
field of a DID Document also apply to these properties. ThealsoKnownAs
property is not guaranteed to be an accurate statement of equivalence, and should not be relied upon without performing validation steps beyond the resolution of the DID Document."
Perfect. Do you mind doing a change suggestion on this PR to that effect?
Editorial, multiple reviews, changes requested and made, no objections, merging.
Partial editorial cleanup to appendices tracked as issue #728.
Preview | Diff