2023-11-10 did:webs Meeting Notes

Info

See ToIP calendar for cancellations, etc.

did:webs Task Force
10:00 – 11:00am ET
Weekly on Friday, until Dec 22, 2023

Location:

https://zoom.us/j/92492310278?pwd=Um1uSWljTkRoQjdwaG52WHlsZmNXZz09

Meeting Recording Link

Video with transcript

Audio transcript

Attendees

Lance Byrd 

Philip Feairheller 

Stephen Curran 

Cole Davis 

Ed Eykholt 

Peter Black (Switchchord)

Charles Lanahan 

Jesse Carter 

Agenda Items and Notes (including all relevant links)

TimeAgenda ItemLeadNotes
5 min
  • Start recording
  • Welcome & antitrust notice
  • Introduction of new members
  • Agenda review
Chairs
5 minsReview of action items from previous meetingChairs
5 minsAnnouncementsTF Leads
  • We are targeting a 1.0 spec release by December 15
    • November to iron major/minor issues
    • First-half of December to tighten wording, etc.
  • FYI -- Gabe Cohen of TBD did a session at the April IIW session that was about finding the "Best DID Method".  It was a revised rubric around the properties a DID needs to be "the best" -- scalable, flexible, decentralized, discoverable.  Based on this blog summary that Gabe wrote, I'd say that did:webs meets the goal:
  • did:webs VDR
    • Registrar/Resolver for Aries agents
    • Interface and wrappers
    • Open source
5 mins

Reports

Open

Cole Davis will demo his related work at Switchchord

  • Music industry map is huge with many layers of contracts; participants have many different identifiers for purposes of getting paid but no consistent "identity"
  • Digital representation of a copyright should flow through supply chain and aggregate transaction data about itself.
  • The contracts:
    • Composition copyright (melody and lyrics) usually assigned (sold) by songwriters to music publishers
    • Sound recording copyright (specific recording of a composition) usually assigned (sold) by recording artist to record company
    • "Split sheet" is how songwriters initially divide up copyright ownership for a song written by multiple songwriters
  • Copyright management system:
    • Songwriter
      • Verified identity with KYC, etc.
    • Publisher
  • Currently uses did:web, will transition to something like did:webs
    • Working with industry partner looking at did:ion
  • Software-based legal contracts
    • Songwriter agreements
  • Web and mobile interactions
    • Name, writer, share, signature, etc.
  • Export the credentials in different formats to support the different reqs in the supply chain.
  • Avoid music silos, 'bring your own identity'
  • Social graphs of cryptographic identifiers via the creative process
    • Organizational identity is just as important for legal, etc.
25 minsDiscussionOpen
  • KERI Perspective: secure rich discovery
    • authorized identifier list
      • Not did:webs specific
  • did:webs perspective
    • generator/resolver use the authorized identifier list
      • EquivId, Redirection, and Authorized Domain is all satisfied by the authorized identifiers that are did:webs
      • AlsoKnownAs is all non-did:webs DID identifiers (Markus can weigh in on non-DID identifiers
    • Questions
      • resolution must fail? or is it just that the metadata isn't there? And thus redirection, etc. is not valid?
      • perhaps only the did:web version is allowed then? can the resolver redirect to did:web, is there a way to notify the user?
      • this brings up the classic issue, that you need to know about weaker security.
  • Domain related history, validation, and more
    • EquivalentID
      • EquivalentID use in did doc metadata
        • only other did:webs
          • did:web on the same domain, but different security characteristics
          • did:keri has same security characteristics but not web specific
      • for reference:
        • did:indy automatically carries two equivalentIds
        • did:ion has long-form and short-form
    • AlsoKnownAs (AKA)
      • Automatic transformations of AlsoKnownAs
        • did:web on the same server, but different security characteristics
        • did:keri has same security characteristics but not web specific
      • Redirection says Authorized domains anchored to KEL
        • Mastadon community uses AKA as redirection
    • Handling Web Redirection
      • Stabilizing did:webs on an unstable web
      • Redirection is equivalency 
      • Redirection says Authorized domains anchored to KEL
        • Mastadon community uses AKA as redirection
    • Recent discussion in Spoofing issue
    • Domain authority issue
      • each attestation is not chained
      • rules section states no control (does not require control) of the domain (per our conv. last week)
        • Is there something special about domain control?
        • should we also link to the spec, where it acknowledges that web infrastructure is dynamic and how the process works to keep the identifier stable over time.
      • Any considerations with path?
    • Matrix to facilitate the search for the simplest schema(s)
anchored to KELstable/hist did:websEquiv/AKA/redirectauthorized domain
whole identifierxxx

date time




5 minsAny other businessOpen


5 mins
  • Review decisions/action items
  • Planning for next meeting 
Chairs