Skip to content
This repository has been archived by the owner on Oct 29, 2019. It is now read-only.

[Extensibility] references the formal concept of the Decentralized Identifiers Data Model but there is nothing in the document with this formal name/concept #151

Closed
mwherman2000 opened this issue Jan 5, 2019 · 26 comments
Labels
clarify There is consensus, but the spec needs clarifying

Comments

@mwherman2000
Copy link

mwherman2000 commented Jan 5, 2019

In https://w3c-ccg.github.io/did-spec/#extensibility, it references the formal concept of a Decentralized Identifiers Data Model for the first time.

However, there is no previous mention of a formal Data Model in the draft DID spec. There is no previous section or subsection with a heading of "Decentralized Identifiers Data Model" or simply "Data Model".

There is no picture/graphic of the DID Data Model.

I believe the lack of a clearly defined and visual Data Model is the root cause of many of the Issues that have been documented recently.

Here's an example of a possible solution ...

Hyperledger Indy/Sovrin Comprehensive Architecture Reference Model (INDY ARM) - latest version - bullets (12) thru (16) in both the diagram, Narration, and principles.

Also checkout https://hyperonomy.com/2019/01/04/the-path-from-a-id-did-to-a-real-life-something/

@mwherman2000
Copy link
Author

mwherman2000 commented Jan 5, 2019

There is an ad-hoc reference to "data model" in the subtitle of the document and couple references in the front-mater of the document but nothing that is called out as the actual DID Data Model.

@rhiaro rhiaro added the clarify There is consensus, but the spec needs clarifying label Jan 25, 2019
@jandrieu
Copy link
Contributor

jandrieu commented Feb 1, 2019

This is a good point. Because valid DIDs always resolve to a DID Document, and NOT to any other type of resource, the DID spec specifies both the DID and the DID Document (which is what the data model is about). DID methods and DID resolution should be external specs. We should explain that sooner so it those distinctions are clear.

There's a valid question about what content should be in a separate spec. For example, until recently, we had resolution-related text, which is now being moved to a dedicated DID Resolution specification.

My perspective is that a DID that resolves to anything OTHER than a DID Document is not a valid DID, which makes the definition of the DID and DID Document intimately related.

I suppose it is still an open question where we should state the requirements for ALL methods. These probably go to DID Resolution, but its worth discussing.

@talltree
Copy link
Contributor

talltree commented Feb 2, 2019 via email

@mwherman2000
Copy link
Author

@rhiaro Why was this issue closed without the specific text being resolved in the draft DID spec? Please re-open it.

@mwherman2000
Copy link
Author

mwherman2000 commented Feb 2, 2019

valid DIDs always resolve to a DID Document

I believe the above statement is not true/correct @jandrieu.

  1. DIDs can simply stand alone without ever having to be resolved to a DID Document. Here's an example from the getting_started.py Indy script:
    https://github.com/mwherman2000/indy-dev/blob/master/python/doc/getting_started-verbose.log#L20-L32
    This script uses DIDs hundreds of times and never once uses, references, to resolves a DID to a DID Document.

  2. In addition, how an application chooses to use a DID is entirely up to that application. For example, the same script above can use, with impunity, the same DIDs to store and index documents on IPFS or a plain old file system.

im·pu·ni·ty: exemption from punishment or freedom from the injurious consequences of an action.

This comes back to @msporny 's comment/suggestion that we need to refactor the spec to have a section, for example, that only talks about a DID solely from the perspective of being a decentralized identifier, a separate section for the actions, etc.
Reference: #159 (comment)
Reference: https://tools.ietf.org/html/rfc3986#section-1.2.2

@rhiaro
Copy link
Member

rhiaro commented Feb 2, 2019

@rhiaro Why was this issue closed without the specific text being resolved in the draft DID spec? Please re-open it.

As far as I can see, this issue has at no point been closed. Definitely valid, and I expect it will be addressed as part of the follow up to #159

@mwherman2000
Copy link
Author

@rhiaro Why was this issue closed without the specific text being resolved in the draft DID spec? Please re-open it.

As far as I can see, this issue has at no point been closed. Definitely valid, and I expect it will be addressed as part of the follow up to #159

My bad: Why was #142 closed with no resolution?

@rhiaro
Copy link
Member

rhiaro commented Feb 2, 2019

My bad: Why was #142 closed with no resolution?

We should continue that conversation in #142

@brentzundel
Copy link
Contributor

brentzundel commented Feb 2, 2019 via email

@mwherman2000
Copy link
Author

mwherman2000 commented Feb 3, 2019

A DID is not just a decentralized identifier, it is a decentralized identifier tied to a document that outlines the ways to prove control of the identifier.

Maybe this is the difference between a DID and a Verifiable (and/or Verified) DID?

@brentzundel
Copy link
Contributor

brentzundel commented Feb 3, 2019 via email

@mwherman2000
Copy link
Author

mwherman2000 commented Feb 3, 2019

RE: If a DID isn't verifiable, isn't it just a GUID?

That 'tis the question. For example, I can create a DID in my wallet and then use it for several different use cases without: (a) ever persisting to a Ledger, and (b) a requirement to create a DID Document. Here's some code:
https://github.com/mwherman2000/indy-dev/blob/master/python/getting_started-verbose.py#L40-L55

In fact, the entire getting_started-verbose.py script delivers a set of highly valuable business processes without using DID Documents at all ...just DIDs ...many of which are never persisted to the Ledger.

@brentzundel
Copy link
Contributor

brentzundel commented Feb 3, 2019 via email

@peacekeeper
Copy link
Member

Note that the ledger or other target system where the DID is created/registered does not necessarily have to support DID documents natively, in order to conform to the spec. All that's required is to have a well-defined DID Resolution process that produces a DID document. Bitcoin- and Ethereum- based DID methods don't "store" a DID document anywhere, but a resolver can still produce one.

In the case of Indy/Sovrin, it will be nice to have native support for DID documents in that particular target system, but even without it, e.g. the Universal Resolver can already resolve did:sov identifiers to DID documents today.

@mwherman2000
Copy link
Author

mwherman2000 commented Feb 3, 2019

I am familiar with that code, and would say that while it should certainly
be possible to use a DID without anchoring it to a ledger, ...

@brentzundel If you re-read the code, the script does in fact anchor the DIDs to the Ledger (e.g. 3 of the 4 DIDs generated in the first several tasks in the script are persisted to the Ledger with Verkeys) ...it doesn't require a DID Document to accomplish this. Here's a visualization of the message flow of the first several tasks...

Government - Onboarding ...click to enlarge it.

@mwherman2000
Copy link
Author

mwherman2000 commented Feb 4, 2019

Strawman: A Verifiable DID is a DID that has associated with it a verifiable NYM Transaction (or equivalent).

See Level 3 in the DID 6-Layer Model below (#151 (comment)).

@talltree
Copy link
Contributor

talltree commented Feb 5, 2019 via email

@mwherman2000
Copy link
Author

mwherman2000 commented Feb 5, 2019

@talltree Your discussion starts off in a good general direction, then for me it diverges :-) ...I'll comment in detail later today. In the meantime, my first reading of your comments (as well as the offline discussions about re-structuring the draft DID spec) inspired the following model...

DID 6-Layer Model Draft document for discussion purposes (was DID 7-Layer Model)
DID 6-Layer Model

"I'll be back..."

@rhiaro rhiaro mentioned this issue Feb 5, 2019
@mwherman2000
Copy link
Author

mwherman2000 commented Feb 5, 2019

From @msporny (during the CCG call): https://w3c.github.io/vc-data-model/ is a good example of a) potential structure of the the overall DID spec as well as b) best practices for presenting a data model (the focus of this issue).

@mwherman2000
Copy link
Author

mwherman2000 commented Feb 6, 2019

@talltree Replying to your comments [above], ...

We’re truly in the embryonic stages of giving birth to an exciting and powerful new technology/paradigm/platform. Nobody really understands what it is going to produce and the profound changes it is going to have – and here, I will use your analogy, like the birth of DNS. It's not a time to be exclusionary ...it's a time to be inclusionary.

What I am asking for is for [Level 2 and Level 3](#151 (comment) (see above) to be recognized because they enable use cases we can’t imagine …for example, lightweight use cases in the IoT space, process control, other embedded systems, etc. where it isn’t easy or practical to support the heavy(ier) weight of the Levels 4-6 layers and protocols.

...additionally, from an Indy perspective, recognizing Level 2 and Level 3 don't require any new code to be written or existing code to be changed. Level 2 and Level 3 have already been implemented and are functioning well.

If you watch @peacekeeper 's DID Resolution webcast starting 400 seconds into the video, Markus does a good job of explaining how a DID Document is reconstructed (aka resolved) from NYM and ATTRIB transactions on the Ledger: https://www.youtube.com/watch?v=gf2g4O3yqCc&feature=youtu.be&t=400 …watch for 3 minutes from 6:40 to timecode 9:30.

Level 3 is saying: if you have a trusted/verifiable NYM Transaction (or equivalent), you have a Verifiable DID …with no DID Document overhead. …because a NYM Tx, by itself, is like the degenerate/simplest case of a DID Document.

@talltree
Copy link
Contributor

talltree commented Feb 7, 2019 via email

@mwherman2000
Copy link
Author

mwherman2000 commented Feb 7, 2019

[Humorous sidenote: @talltree I think you and I are dreaming the same dream at the same time (modulo time zones) :-)]

I basically agree with you for the lower layers but want to postulate: Where should DID Documents be defined/spec'ed out? ...given that they are exclusively an output of the DID Resolution process?

Digging deeper...

  1. Is there an analogy/are there parallels between:

    • the DID and DID Document "information architecture", and
    • the IP Address/TCP-IP/DNS information architecture?
  2. Is the IP Address/TCP/IP information architecture analogous to DIDs?
    ...similar to the way DID Documents are analogous to DNS entries?

  3. If it doesn't make sense to spec DNS entries in the IP/TCP-IP specs, why are we trying to spec DID Documents in the DID spec (instead of the DID Resolution spec)?

Reference: Here's a DNS primer that some people might find helpful (DNS is much more than a domain name => IP address resolver):
https://hyperonomy.com/2019/01/02/dns-domain-name-service-a-detailed-high-level-overview/

NOTE: This might come up on the first inaugural DID Resolution call "this afternoon".

@mwherman2000
Copy link
Author

mwherman2000 commented Feb 7, 2019

Here's an updated version of the DID 6-Layer Model to illustrate the points in the preceding comment...

image

@talltree
Copy link
Contributor

talltree commented Feb 8, 2019 via email

@rhiaro
Copy link
Member

rhiaro commented Mar 3, 2019

There is now (0366ed0) a Core Data Model section in the spec. It's just a stub, and the precise contents will be ironed out and it will be filled out with an overview of the main concepts, so hopefully that resolves this issue.

@rhiaro rhiaro closed this as completed Mar 3, 2019
@mwherman2000
Copy link
Author

mwherman2000 commented Mar 3, 2019

In the proposed changes 0366ed0, I don't see where the phrase "Decentralized Identifiers Data Model" was removed or changed.

We should make sure Core Data Model is used consistently through the document (including the title: #130 (comment)).

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
clarify There is consensus, but the spec needs clarifying
Projects
None yet
Development

No branches or pull requests

6 participants