Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider enabling optional verification methods #231

Open
KendallWeihe opened this issue Jun 12, 2024 · 4 comments
Open

Consider enabling optional verification methods #231

KendallWeihe opened this issue Jun 12, 2024 · 4 comments

Comments

@KendallWeihe
Copy link
Contributor

Originally spurred from here, please read the full comment exchange for context #190 (comment)
@KendallWeihe KendallWeihe mentioned this issue Jun 12, 2024
Merged
@enmand
Copy link
Contributor

enmand commented Jun 13, 2024

I'll split those changes out of that PR for now so the decision doesn't block it

@enmand enmand mentioned this issue Jun 13, 2024
Open
@decentralgabe
Copy link
Member

what's the use case?

@KendallWeihe
Copy link
Contributor Author

what's the use case?

@decentralgabe refer to the linked comment in #190 for full context. If you disagree with the proposal then please voice your concern.

@decentralgabe
Copy link
Member

decentralgabe commented Jun 13, 2024
edited
Loading

expounding on my prior comment there are two schools of thought

  1. Let's support the specs
  2. Let's support a subset of the specs that is sensible

For Web5, we've gone with approach 2. We're exploring whether approach 1 makes more sense.
I have in mind, at least one case, where 2 is a requirement: in the VCDM we do not want to support JSON-LD processing. It is unnecessary for our use cases, adds significant complexity, and security risk (without very careful implementation). We have JSON Schema that serves our needs. Now, when I originally implemented the ssi-sdk I implemented JSON-LD processing to take approach 1. The feature was not ever used - to my knowledge. This does not mean it won't ever be useful, though it was not worth the time or effort to implement it prematurely, nor did it break usage of the data model without LD processing.

This leads to me to my current thinking which is a hybrid of (1) and (2): let's implement the specs to be as useful as possible. This means if there are usecases that can be served (either by us at TBD or the community at large) by implementing features of the specification, we should do it--or at least take these feature requests under strong consideration. Barring that, creating optionality for the sake of conforming to the spec, I believe, creates more risk than benefit.

Directing this line of reasoning toward this issue I will ask: do we have a use case for a DID Document without a Verification Method? I cannot think of one where it would be useful. In fact I think it would be more confusing to resolve a DID, see it has no Verification Methods, and not be able to do anything with it.

One alternate approach: support creating DIDs with Verification Methods (required), but resolving/serializing/deserializing without.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
SDK Development
Status: No status
Milestone
No milestone
Development

No branches or pull requests
3 participants
@enmand @KendallWeihe @decentralgabe