Motivations
The did:web
method specification has started to get signifiant adoption, but it is still fundamentally flawed from a security standpoint by its reliance on DNS trust infrastructure, which is susceptible to hijacking attacks (among other issues). In addition, the did:web method adds further vulnerabilities due to the reliance of storing a DID document (that is entirely authoritative for the associated cryptographic keys) on a Web server.
Just as Web infrastructure made the progression from the insecure http: to the secure https: protocol, the goal of the did:webs
method is to specify a secure version of did:web.
The did:webs
specification can also help bridge the gap between existing DIDComm-based ecosystems and KERI based ecosystems.
Purpose
To deliver a specification for the did:webs
DID method meeting the requirements of DID method specifications defined in the W3C Decentralized Identifiers (DIDs) 1.0 specification, including creation, resolution, updating, and deactivation of DID documents with secure cryptographic key material. See the following illustration:
Deliverables
The table below lists the deliverables of this task force:
Acronym | Full Name of Deliverable | Deliverable Type | Link to Draft Deliverable | Lead Authors | Status/Notes |
---|---|---|---|---|---|
did:webs |
| Specification | TBD | Proposal stage |
Chairs
Please add your name to this list if you wish to be a chair:
- Phil Feairheller , GLEIF
Members
Please add your name to this list in any desired role:
- Primary Editors
Secondary Editors
- Drummond Reed, Gen
- Primary Reviewers
Secondary Reviewers
- Observers
Meeting Schedule
TBD
For all authoritative meeting logistics and Zoom links, please see the ToIP Calendar.
See latest documentation in the GitHub Repo here: TBD
Meeting Agendas and Notes
All meeting agendas and notes are recorded on the did:webs Meeting Page.
Intellectual Property Rights (Copyright, Patent, Source Code)
As a Task Force (TF) of the Technology Stack WG (TSWG), the did:webs TF inherits the IPR terms from the TSWG JDF Charter.
Mailing List and Communications
This task force uses the following for communications
- Slack: This TF has its own dedicated Slack channel: #tswg-didwebs-tf
- Github: This TF will use GitHub issues for substantive conversations on topics, not Slack. This way the conversation is source controlled.
Specification Generation
We may alternatively use the following formats:
- Markdown: Draft portions spec written in Markdown
- SpecUP: Final version of spec processed with SpecUp