PROPOSAL: Breaking change for sec-v3-unstable

Question

PROPOSAL: Breaking change for sec-v3-unstable

OR13 opened this issue 3 years ago · comments

I propose we combine the terms from sec-1 and sec-2 and then remove all Linked Data Suite specific RDF Classes from sec-v3, such that it can be safely used with the linked data suites currently registered via w3id.org.

for example:

{
  "@context": ["https://w3id.org/security/v3-unstable", "https://w3id.org/security/suites/ed25519-2018/v1"]
}

note that Ed25519VerificationKey2018 was originally defined in https://w3id.org/security/v2.... I am asserting that nothing defined under /suites should be defined in sec-v3-unstable

This proposal would also align with the approach we took with did core:

{
  "@context": ["https://www.w3.org/ns/did/v1", "https://w3id.org/security/suites/ed25519-2018/v1"]
}

Orie Steele · Answer 1 · Thu May 20 2021 03:08:16 GMT+0800 (China Standard Time)

ping @dlongley @davidlehn @msporny @tplooker @kdenhartog @dmitrizagidulin @iherman

Dave Longley · Answer 2 · Thu May 20 2021 03:27:27 GMT+0800 (China Standard Time)

So, I'm in support of making sec-v3 work with suite contexts. However, I don't know, at this point, if sec-v3 is even useful/needed. Why not just use the feature-specific security context(s) you need?

Manu Sporny · Answer 3 · Thu May 20 2021 03:29:47 GMT+0800 (China Standard Time)

I don't know, at this point, if sec-v3 is even useful/needed. Why not just use the feature-specific security context(s) you need?

Do we need to keep sec-v3-unstable around to deal with all the security context stuff that /isn't/ in a cryptosuite? I haven't done the work to determine what's left after we move all the cryptosuites out of the security context.

Also, @kdenhartog -- is Mattr using sec-v3-unstable? I remember that being a possibility at some point in the past.

Dave Longley · Answer 4 · Thu May 20 2021 03:56:11 GMT+0800 (China Standard Time)

Do we need to keep sec-v3-unstable around to deal with all the security context stuff that /isn't/ in a cryptosuite?

Like what? We've created separate contexts for WebKMS and zCaps as well. I think a cleaner model is to make contexts for specific features -- rather than trying to bundle everything together and hope for the best ... or bundle some of the things (which ones?) that may not appear in other contexts (what happens when we make new contexts that do have those things?).

Kyle Den Hartog · Answer 5 · Thu May 20 2021 08:21:57 GMT+0800 (China Standard Time)

Also, @kdenhartog -- is Mattr using sec-v3-unstable? I remember that being a possibility at some point in the past.

At this point we've updated the BBS libraries to use the specific suite when signing, but I believe we still support verification of sec-v3-unstable for compatibility. Internally though we're still using the github.io and are likely to cut directly over to the suite here soon. So I don't think this is going to cause us issues. Additionally I'm +1 to this change for an ideal long term solution.

Orie Steele · Answer 6 · Tue May 25 2021 00:48:14 GMT+0800 (China Standard Time)

If we don't need sec-v3 at all, we should mark sec-v2 as deprecated, and ensure that it can be completely removed from VC Data Model of LD Signatures tooling in the future.

This proposal assumes that not possible, and the second best option would be to flatten terms that are required from sec-v1 and sec-v2 into sec-v3.