@bnewbold.net @bnewbold you’re looking for @arcanicanis
-
arcanicanis replied to Erlend Sogge Heggen
I stole a few ideas from did:plc and did:tdw, yes. It's just an experiment insofar, as I'm using it as a stand-in for other methods, as something I can adjust to my needs as I toy with DIDs in a way with reverse-compatibility to standard non-DID ActivityPub.
As it currently stands, there don't seem to be a lot of methods that clarify whether DID URLs are permitted or not with the method.
There were a few adjustments I was going to add, such as what other 'authoritative' servers the did:fedi can be discovered from, within the method-specific protocol, maybe.
Either way, I haven't been public about it yet. Just finished a basic key wrapping and serialization format to go along with it, and I'll probably push out a newer version of the generator demo (which presently lacks a polyfill for browsers that don't have native Ed25519 within WebCrypto) in a day or two. I'll probably be more vocal when I have results.
As for the primer, that was probably over a year ago, and the mentioned FEPs, even a year before that (with all those FEPs devised by @silverpill )
-
@arcanicanis @silverpill @bnewbold @erlend sadly there isn't much support for DID URLs in the wild, as that whole set of features is optional and few DID method specifications even mention (whether mandatory or optional) how implementations could dereference DID URLs... I would mention that one of the formal objections complained about this unspecified behavior and thus the DID WG has prioritized the DID Resolution spec, which might help a little:
https://w3c.github.io/did-resolution/#dereferencing
-
bumblefudge replied to bumblefudge
@arcanicanis @silverpill @bnewbold @erlend
One useful piece of prior art to look at would be did:cheqd, both the method and the production implementation (and maybe even the veramo plug-in!). the cheqd team has really been driving a lot of the effort to do something grown-up with DID URLs in prod and in standardized ways...
https://docs.cheqd.io/product/sdk/veramo-plugin/did-linked-resources
-
bumblefudge replied to bumblefudge
@arcanicanis @silverpill @bnewbold @erlend FEP-e3e9 snuck in "DID URL syntax" to a standalone "permalink service", such that everything after the ? would model what a DID-URL permalink for nomadic content could look like; what comes before the ? is a traditional HTTPS URL in the FEP, but could also be a gateway that takes a DID as a path... (i.e. https://indexer.example/did/plc/53ogl5ixuq44t73wuqawpa33?...)
-
I have been reading parts of the DID Resolution spec, yes. There are some inconsistencies I noticed when trying to sorta-implement it, such as the example for "8. DID URL Dereferencing Result" whereas it has didUrlDereferencingMetadata while the current JSON-LD context (which is https://w3id.org/did-resolution/v1 which redirects to a broken URL of https://w3c-ccg.github.io/did-resolution/contexts/did-resolution-v1.json, when I think it's instead meant to go to https://w3c.github.io/did-resolution/contexts/did-resolution-v1.json) defines a property name of dereferencingMetadata instead; or also relative-ref instead of relativeRef in some of the diagrams.
There had been light inferences about using DID URLs for binary content, but it's difficult to see the application of it, when most of it comes to returning a JSON resolution/dereferencing metadata document as an envelope. There's no mention of anything with content negotiation, like if there was a mechanism where: a DID-aware application could ask for the JSON info on resolution, or else, a non-DID-aware application (that doesn't list DID resolution media type in the 'Accept' header) could just be redirected to the dereferenced binary file instead.
There also doesn't seem to be much for options with simply pointing to the location of the resource, rather than embedding the resulting document directly.
I've generally tried just 'making up' some makeshift extensions to fill the gaps in my use-case, and might have some results within a week-ish (I have a resolver implemented with DID URL dereferencing, I just need to make further client-facing changes). There could also be a chance that I might have skipped over something important that might address my complaints, as I'm usually skimming through fragments of all the miscellaneous specs at a time.
-
@arcanicanis @by_caballero @silverpill @erlend (glad to re-connect!)
i'm not sure I understand the advantage of leaning in to DID URLs instead of creating a new URI scheme (eg, fedi://).
it would be great if we could get WHATWG to allow DIDs in the authority section of URLs, at least non-HTTP URLs. I haven't started that conversation yet, but could be helpful for a bunch of DID-using projects.
curious to hear about how did:fedi resolution would work! aka how to discover authoritative server
-
@bnewbold @arcanicanis @silverpill @erlend I'm confused-- whatwg doesn't need to approve nonhttp uris, that's what a did url already is, and authoritative server is an http concern; any did method specification that includes a did url section defines for itself how a did url is processed and with reference to what service via what protocols. I must be misreading something?
-
@bnewbold There is no advantage in using DID URLs. That severely limits the number of DID methods developers can use, and excludes the most important method, did:key.
You're right, new URI scheme is much better. This approach is being explored in FEP-ef61 (where ap:// scheme was proposed).
ActivityPub IDs are RFC-3986 URIs, and that RFC doesn't forbid non-DNS naming authorities (idk about WHATWG standard). However, you can't build a valid RFC-3986 URI with plain DID because the portion after the last colon is parsed as a port number. Two solutions have been proposed:
- Percent encode DID: ap://did%3Akey%3Az6MkrJVnaZkeFzdQyMZu1cgjg7k1pZZ6pvBQ7XJPt4swbTQ2/actor
- Pretend that we are using IP address from the future: ap://[vd.did:key:z6MkvUie7gDQugJmyDQQPhMCCBfKJo7aGvzQYF2BqvFvdwx6]/actor
-
@bnewbold Of course, a new syntax for DID authorities would be preferable
ap://{did:key:z6MkvUie7gDQugJmyDQQPhMCCBfKJo7aGvzQYF2BqvFvdwx6}/actor
But standardization of it may take many years. And after that people will need to update all existing URI/URL parsing libraries and software that depends on them.
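Added example, not part of the posts above: a strict check of the authority forms discussed in this thread against the RFC 3986 authority grammar. The function names are hypothetical, userinfo is not handled, and treating the text after the `vd.` prefix as the DID is an assumption taken from the example URI in the post.

```python
import re
from urllib.parse import unquote

# RFC 3986 character classes for the authority component.
UNRESERVED = r"A-Za-z0-9\-._~"
SUB_DELIMS = r"!$&'()*+,;="
REG_NAME = rf"(?:[{UNRESERVED}{SUB_DELIMS}]|%[0-9A-Fa-f]{{2}})*"
IPV_FUTURE = rf"\[v[0-9A-Fa-f]+\.([{UNRESERVED}{SUB_DELIMS}:]+)\]"
PORT = r"(?::[0-9]*)?"  # optional ":" followed by digits only

REG_NAME_AUTHORITY = re.compile(rf"({REG_NAME}){PORT}")
IPV_FUTURE_AUTHORITY = re.compile(rf"{IPV_FUTURE}{PORT}")
# Loose DID shape check: did:<method>:<method-specific-id>
DID = re.compile(r"did:[a-z0-9]+:[A-Za-z0-9._:%\-]+")

def did_from_ap_uri(uri: str) -> str:
    """Return the DID held in the authority of an ap:// URI, or raise ValueError."""
    if not uri.startswith("ap://"):
        raise ValueError("not an ap:// URI")
    # The authority ends at the first "/", "?" or "#".
    authority = re.split(r"[/?#]", uri[len("ap://"):], maxsplit=1)[0]
    m = IPV_FUTURE_AUTHORITY.fullmatch(authority)
    if m:
        did = m.group(1)  # text after the "v<hex>." prefix (assumption)
    else:
        m = REG_NAME_AUTHORITY.fullmatch(authority)
        if not m:
            raise ValueError(f"authority not valid under RFC 3986: {authority!r}")
        did = unquote(m.group(1))  # decode %3A back to ":"
    # The authority is never lowercased here: RFC 3986 treats hosts as
    # case-insensitive, but the base58 key in a did:key is case-sensitive.
    if not DID.fullmatch(did):
        raise ValueError(f"authority does not hold a DID: {did!r}")
    return did

def is_valid_ap_uri(uri: str) -> bool:
    try:
        did_from_ap_uri(uri)
        return True
    except ValueError:
        return False

# Sample URIs constructed from a key quoted in the thread.
KEY = "z6MkvUie7gDQugJmyDQQPhMCCBfKJo7aGvzQYF2BqvFvdwx6"
SAMPLES = {
    "plain": f"ap://did:key:{KEY}/actor",        # "key:..." lands where a port must be
    "percent": f"ap://did%3Akey%3A{KEY}/actor",  # valid reg-name
    "ipvfuture": f"ap://[vd.did:key:{KEY}]/actor",
    "braces": f"ap://{{did:key:{KEY}}}/actor",   # "{" is not allowed in an authority
}
```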
-
bumblefudge replied to silverpill
@silverpill @arcanicanis @erlend @bnewbold why is support for more did methods an assumed goal? for whom and in which use cases is a non http protocol handler justified? why is did:key important? why is ap:// the best possible url scheme for the AP protocol? it feels like we're talking at a general level and yet so many usecase-specific requirements and goals keep sneaking in
-
@by_caballero @arcanicanis @silverpill @erlend yeah, totally possible to use and register new URIs generally.
I guess I find it helpful to 1) be able to use generic "URL" libraries across systems like browsers, operating systems, programming language stdlib (takes years to update any of these), and 2) separate DID methods from protocol usage on top of DIDs? eg, limiting a DID method to a specific use-case feels like a weird bundling/binding to me
-
@silverpill @arcanicanis @by_caballero @erlend many years: yup! good to get the ball rolling.
I think that the DID syntax, with double-colon and no @-symbol in between, is distinct enough from other URLs that the URL spec (the WHATWG one which everybody implements, not the IETF URI or earlier URL specs) could be extended in a forwards-compatible way. brackets or URL encoding would be a bummer to me! the did:3 method is a bit of a corner-case but still manageable
-
>why is support for more did methods an assumed goal?
Because extensibility is good. New DID methods are constantly being invented and there shouldn't be any artificial restrictions on their use.
>for whom and in which use cases is a non http protocol handler justified?
In an 'http' URL, the authority is derived from the domain name. In our case, authority is derived from a cryptographic identity, so a custom URI scheme is more appropriate.
>why is did:key important?
did:key doesn't depend on any external services and is the easiest to implement.
>why is ap: the best possible url scheme for the AP protocol?
It works and so far no other scheme has been proposed.
-
@silverpill @arcanicanis @erlend @bnewbold all 4 of those answers talk past the questions:
- if new methods are being invented all the time why does it matter how many of today's methods you support?
- right but for what usecases is it justified to require non-https URIs OR any did method dereferencing mechanics, much less both?
- that's a feature in some usecases, a bug in others, and not an explanation of why supporting didkey is important to extending AP and/or ATP
- I've seen others