diff --git a/common.js b/common.js index d275283a..dcdf5a80 100644 --- a/common.js +++ b/common.js @@ -41,6 +41,16 @@ var ccg = { status: "FPWD", publisher: "Verifiable Claims Working Group" }, + "DID-CORE-REGISTRIES": { + title: "Decentralized Identifier Core Registries", + href: "https://w3c.github.io/did-core-registries/", + authors: [ + "Orie Steele", + "Manu Sporny" + ], + status: "ED", + publisher: "Decentralized Identifier Working Group" + }, "DID-USE-CASES": { title: "Decentralized Identifier Use Cases", href: "https://w3c.github.io/did-use-cases/", diff --git a/index.html b/index.html index 53d42641..f196b6a7 100644 --- a/index.html +++ b/index.html @@ -652,6 +652,10 @@

DID Resolvers

DID document (and associated metadata) as output in a process called DID resolution.

+ + +
+

DID Dereferencers

The inputs and outputs of the DID resolution process are defined in . Additional considerations for implementing a @@ -735,6 +739,19 @@

Security and Privacy

when consuming non-conforming DIDs or DID Documents.

+

+A conforming DID resolver MUST be capable of performing the DID +resolution process, as described in , for at +least one DID method and MUST return a conforming DID document in +at least one conformant representation. +

+ +

+A conforming DID URL dereferencer MUST implement the DID URL +dereferencing process, as described in +for at least one conformant representation. +

+
@@ -2694,12 +2711,113 @@

DID Resolution

+ +

+The DID resolution process takes a DID and +resolution options as input, and produces a DID document and +resolution metadata as output. The process utilizes the "Read" operation of +the applicable DID method, as described in . +The DID method-specific details of how this process is accomplished is +outside the scope of this specification, but all implementations MUST implement +a function in the form: +

+ +

+resolve ( did, input-metadata ) -> ( did-document, did-document-metadata, did-resolution-metadata ) +

+ +

+The inputs of this function are a DID and a set of input metadata. The +DID is REQUIRED. Note that if the caller of this function wishes to resolve a DID URL, +the caller MUST first transform the DID URL into a bare DID, +including removal of any fragment. The input metadata are a map of key-value +string pairs as described in . +The input metadata are REQUIRED but the map MAY be empty. Concrete bindings MUST NOT +define additional inputs to this function. +

+ +

+The possible properties for the input metadata are defined by the DID Core Registry [[?DID-CORE-REGISTRIES]]. This specification +defines the following keys and values for these properties: + +

+
accept
+
The MIME type of the preferred representation of the DID document. The DID resolver MAY + use this value to determine the representation of the returned DID document if such a + representation is supported and available.
+
+

+ +

+The DID resolver executes the "Read" operation of the DID method as described in +. If successful, the outputs of this function MUST contain a DID document, +a set of metadata for the DID document (which MAY be empty), and a set of metadata for the resolution process. If +the function results in an error, the outputs MUST contain a set of metadata for the resolution process. +

+ +

+The DID document is returned as a byte stream of a conformant representation +as determined and supported by the DID resolver. The caller of the DID resolution function +can then parse and process the DID document from this byte stream. The DID document is +REQUIRED unless an error is returned by the DID resolution function. +

+ +

+When a DID document is returned, the DID document metadata is returned as a map of +name-value properties as described in . This metadata +contains information about the input DID and the returned DID document. This metadata +typically does not change between invocations of the DID resolution function. The keys and +possible values for this metadata are defined in the DID Core Registry [[?DID-CORE-REGISTRIES]]. +The DID Document metadata MAY be empty. +

+ +

+The contents of the DID document metadata still needs to be defined within this document. +

+ +

+The DID resolution metadata is returned as a map of name-value properties as described in +. This metadata contains information about the results of +the resolution process. This metadata typically changes between invocations of the DID resolution +function. The property names and possible values for this metadata are defined by the DID Core Registry [[?DID-CORE-REGISTRIES]]. This +specification defines the following keys and values: + +

+
content-type
+
The mime-type of the returned conformant representation of the DID document if successful. + The DID resolver MUST supply this value when a DID document + is returned. The caller of the resolution function MUST use this value when determining how to + parse and process the byte stream returned by this function into + DID document.
+ +
error
+
The error code from the resolution process. The DID resolver MUST supply + this value when there is an error. The possible values + this field are defined by the DID Core Registry [[?DID-CORE-REGISTRIES]]. This specification defines the following + error values: + +
+
invalid-did
+
The DID supplied to the DID resolution function does not + conform to valid syntax. (See .)
+ +
unauthorized
+
The caller is not authorized to resolve this DID with + this DID resolver.
+
+ +
+ +
+

+

DID URL Dereferencing

+