Motivations
The did:web method specification has started to get significant adoption, but it is still fundamentally flawed from a security standpoint by its reliance on DNS trust infrastructure, which is susceptible to hijacking attacks (among other issues). In addition, the did:web method adds further vulnerabilities due to the reliance on storing a DID document (that is entirely authoritative for the associated cryptographic keys) on a Web server.
Just as Web infrastructure made the progression from the insecure http: to the secure https: protocol, the goal of the did:webs method is to specify a secure version of did:web.
The did:webs specification can also help bridge the gap between existing DIDComm-based ecosystems and KERI-based ecosystems.
Purpose
To deliver a specification for the did:webs DID method meeting the requirements of DID method specifications defined in the W3C Decentralized Identifiers (DIDs) 1.0 specification, including creation, resolution, updating, and deactivation of DID documents with secure cryptographic key material. See the following illustration:
Deliverables
The table below lists the deliverables of this task force:
| Acronym | Full Name of Deliverable | Deliverable Type | Link to Draft Deliverable | Lead Authors | Status/Notes |
|---|---|---|---|---|---|
did:webs |
| Specification | https://github.com/trustoverip/tswg-did-method-webs-specification | Working Draft stage |
Chairs
- Phil Feairheller , GLEIF
- Lance Byrd , GLEIF
Members
Please add your name to this list in any desired role:
- Kevin Griffin , GLEIF
- Wenjing Chu , Futurewei
- Drummond Reed, Gen
- Charles Lanahan , Stealth Mode Startup Company
- Henk van Cann
Meeting Schedule
For all authoritative meeting logistics and Zoom links, please see the ToIP Calendar.
See the latest documentation in the GitHub Repo here:
https://github.com/trustoverip/tswg-did-method-webs-specification
Meeting Agendas and Notes
All meeting agendas and notes are recorded on the did:webs Meeting Page.
Intellectual Property Rights (Copyright, Patent, Source Code)
As a Task Force (TF) of the Technology Stack WG (TSWG), the DWTF inherits the IPR terms from the TSWG JDF Charter.
- Copyright mode: OWFa 1.0 (available at https://www.openwebfoundation.org/the-agreements/the-owf-1-0-agreements-granted-claims/owfa-1-0)
- Patent mode: OWFa 1.0 (available at https://www.openwebfoundation.org/the-agreements/the-owf-1-0-agreements-granted-claims/owfa-1-0)
- Source code: Apache 2.0 (available at http://www.apache.org/licenses/LICENSE-2.0.html)
Mailing List and Communications
This task force uses the following for communications
- Slack: This TF has its own dedicated Slack channel: #tswg-did-webs-tf
- GitHub: This TF will use GitHub issues for substantive conversations on topics.
Specification Generation
We may alternatively use the following formats:
- Markdown: Draft portions spec written in Markdown
- SpecUP: Final version of spec processed with SpecUp