did:web:example.com:@bengo should be a valid did - can we add '@' to the syntax for 'idchar'?

w3c / did-core

W3C Decentralized Identifier Specification v1.0

https://www.w3.org/TR/did-core/

Other

395 stars 93 forks source link

did:web:example.com:@bengo should be a valid did - can we add '@' to the syntax for 'idchar'? #829

Closed gobengo closed 1 year ago

gobengo commented 1 year ago

Use Case

I want my did to be did:web:bensmastodon.social:@bengo -> https://mastodon.social/@bengo

Questions

is that a valid did?
- I think not. The '@' doesn't match idchar in https://www.w3.org/TR/did-core/#did-syntax

Proposal

Add '@' to idchar

Context

RFC3986 paths explicitly include "@" in pchar

gobengo commented 1 year ago

@OR13 wdyt?

peacekeeper commented 1 year ago

Hmm interesting.. In RFC3986, @ is considered a delimiter and a reserved character. But it's only used as a delimiter in the "authority" component of a URI, and DID's don't have such an "authority" component. Therefore I think it would not violate RFC3986 if we allowed @ in the idchar rule.

@talltree what do you think, can you remember a reason why that would be a bad idea?

In any case, it's too late to make such changes now, since DID Core 1.0 was just published as a Recommendation. But perhaps in a future WG and future version of the specification.

talltree commented 1 year ago

@peacekeeper The reason it is a bad idea is that DIDs were never intended to be human-readable identifiers— any identifier that carries semantic meaning becomes subject to all kinds of issues (semantic drift, intellectual property rights, phishing) that we avoid by encouraging DIDs to be identifiers with no semantic meaning.

That's the main reason we made the DID character set so restrictive. (We also wanted to avoid any reserved characters to make it easier to embed a DID in another URL.)

gobengo commented 1 year ago

Is this a valid workaround?

> 'did:web:bensmastodon.social:@bengo'.split(':').map(encodeURIComponent).join(':')
"did:web:bensmastodon.social:%40bengo"

i.e.

Will this did: did:web:mastodon.social:%40bengo resolve to https://bensmastodon.social/@bengo ? (assuming that host implemented did:web correctly?).

I think so? But just thinking through whether it will double-encode something

talltree commented 1 year ago

@gobengo Yes. We explicitly added support for the % character in the DID ABNF so that any other character needed in a DID could be percent-encoded if needed.

gobengo commented 1 year ago

ok. I think this issue is resolved. Thanks everyone. :) If anyone implements something like this, plz do share a link below.