did:web method specification has started to get significant adoption, but it is still fundamentally flawed from a security standpoint by its reliance on DNS trust infrastructure, which is susceptible to hijacking attacks (among other issues). In addition, the did:web method adds further vulnerabilities due to the reliance on storing a DID document (that is entirely authoritative for the associated cryptographic keys) on a Web server.
Just as Web infrastructure made the progression from the insecure
http: to the secure
https: protocol, the goal of the
did:webs method is to specify a secure version of
did:webs specification can also help bridge the gap between existing DIDComm-based ecosystems and KERI-based ecosystems.
To deliver a specification for the
did:webs DID method meeting the requirements of DID method specifications defined in the W3C Decentralized Identifiers (DIDs) 1.0 specification, including creation, resolution, updating, and deactivation of DID documents with secure cryptographic key material. See the following illustration:
The table below lists the deliverables of this task force:
|Full Name of Deliverable
|Working Draft stage
Please add your name to this list in any desired role:
- Kevin Griffin , GLEIF
- Wenjing Chu , Futurewei
- Drummond Reed, Gen
- Charles Lanahan , Stealth Mode Startup Company
- Henk van Cann
For all authoritative meeting logistics and Zoom links, please see the ToIP Calendar.
See the latest documentation in the GitHub Repo here:
Meeting Agendas and Notes
All meeting agendas and notes are recorded on the did:webs Meeting Page.
Intellectual Property Rights (Copyright, Patent, Source Code)
As a Task Force (TF) of the Technology Stack WG (TSWG), the DWTF inherits the IPR terms from the TSWG JDF Charter.
- Copyright mode: OWFa 1.0 (available at https://www.openwebfoundation.org/the-agreements/the-owf-1-0-agreements-granted-claims/owfa-1-0)
- Patent mode: OWFa 1.0 (available at https://www.openwebfoundation.org/the-agreements/the-owf-1-0-agreements-granted-claims/owfa-1-0)
- Source code: Apache 2.0 (available at http://www.apache.org/licenses/LICENSE-2.0.html)
Mailing List and Communications
This task force uses the following for communications
- Slack: This TF has its own dedicated Slack channel: #tswg-did-webs-tf
- GitHub: This TF will use GitHub issues for substantive conversations on topics.
We may alternatively use the following formats:
- Markdown: Draft portions spec written in Markdown
- SpecUP: Final version of spec processed with SpecUp