index.html

<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
    <title>did:web Method Specification</title>
    <script src="https://www.w3.org/Tools/respec/respec-w3c" async class="remove"></script>
    <script class="remove">
      var respecConfig = {
        specStatus: "CG-DRAFT",
        shortName: "did-method-web",
        wg: "Credentials Community Group",
        wgURI: "https://www.w3.org/community/credentials/",
        wgPublicList: "public-credentials",
        editors: [{
          name: "Dmitri Zagidulin",
          email: "dzagidulin@gmail.com"
        },
        {
          name: "Oliver Terbu",
          email: "oliver.terbu@consensys.net",
          company: "Consensys",
          companyURL: "https://consensys.net"
        },
        {
          name: "Amy Guy",
          url: "https://rhiaro.co.uk",
          company: "Digital Bazaar",
          companyURL: "https://digitalbazaar.com",
          email: "amy@rhiaro.co.uk"
        }],
        authors: [
        {
          name: "Oliver Terbu",
          email: "oliver.terbu@consensys.net",
          company: "Consensys",
          companyURL: "https://consensys.net"
        },
        {
          name: "Mike Xu",
          email: "mike.xu@consensy.net",
          company: "Consensys",
          companyURL: "https://consensys.net"
        }],
        github: "https://github.com/w3c-ccg/did-method-web",

        localBiblio: {
          "DID-PRIMER": {
            title: "DID Primer",
            href: "https://github.com/WebOfTrustInfo/rebooting-the-web-of-trust-fall2017/blob/master/topics-and-advance-readings/did-primer.md",
            authors: [
              "Drummond Reed",
              "Manu Sporny",
              ],
            publisher: "Rebooting the Web of Trust 2017"
          },
          "DID-DNS": {
            title: "The Decentralized Identifier (DID) in the DNS",
            href: "https://tools.ietf.org/html/draft-mayrhofer-did-dns-01",
            authors: ["A. Mayrhofer", "D. Klesev", "M. Sabadello"],
            status: "Internet Draft",
            publisher: "IETF"
          },
          "OWASP-TRANSPORT": {
            title: "Transport Layer Protection Cheatsheet",
            href: "https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet",
          }
        },
      };
    </script>
  </head>
  <body>
    <section id="abstract">
      <p>
DIDs that target a distributed ledger face significant practical challenges in
bootstrapping enough meaningful trusted data around identities to incentivize
mass adoption. We propose using a new DID method in conjunction with
blockchain-based DIDs that allows them to bootstrap trust using a web domain's
existing reputation.
      </p>
    </section>
    <section id="sotd">
    </section>
    <section>
      <h1>
Introduction
      </h1>
      <section>
        <h2>
Preface
        </h2>
        <p>
The Web DID method specification conforms to the requirements specified in the
Decentralized Identifiers v1.0 Specification [[DID-CORE]]. For more
information about DIDs and DID method specifications, please also see the
[[?DID-PRIMER]]
        </p>
      </section>
      <section id="conformance">
<!-- This section is filled automatically by ReSpec. -->
      </section>
      <section>
        <h2>
Example
        </h2>

        <p class="issue" title="More examples">
Add non-ethereum example keys (ed25519, RSA, etc)
        </p>

        <pre class="example" title="Example did:web DID document">
{
  "@context": "https://w3id.org/did/v1",
  "id": "did:web:example.com",
  "publicKey": [{
       "id": "did:web:example.com#owner",
       "type": "Secp256k1VerificationKey2018",
       "owner": "did:web:example.com",
       "ethereumAddress": "0xb9c5714089478a327f09197987f16f9e5d936e8a"
  }],
  "authentication": [{
       "type": "Secp256k1SignatureAuthentication2018",
       "publicKey": "did:web:example.com#owner"
  }]
}
        </pre>
      </section>
    </section>

    <section>
      <h1>
Web DID Method Specification
      </h1>

      <section>
        <h2>
Target system
        </h2>
        <p class="issue" title="DIDs in DNS">
Explain the difference from / relationship with the Decentralized Identifier
in DNS [[?DID-DNS]] spec.
        </p>
        <p>
The target system of the Web DID method is the web host that the domain name
described by the DID resolves to when queried through the Domain Name System
(DNS).
        </p>
      </section>

      <section>
        <h2>
Method name
        </h2>
        <p>
The namestring that shall identify this DID method is: <code>web</code>.

A DID that uses this method MUST begin with the following prefix:
<code>did:web</code>. Per the DID specification, this string MUST be in
lowercase. The remainder of the DID, after the prefix, is specified below.
        </p>
      </section>

      <section>
        <h2>
Method-specific identifier
        </h2>
        <p>
The method specific identifier is a fully qualified domain name that is
secured by a TLS/SSL certificate with an optional path to the DID document.
The formal rules describing valid domain name syntax are described in
[[RFC1035]], [[RFC1123]], and [[RFC2181]].
        </p>
        <p>
The method specific identifier MUST match the common name used in the SSL/TLS
certificate, and it MUST NOT include IP addresses or port numbers. Directories
and subdirectories MAY optionally be included, delimited by colons rather
than slashes.
        </p>

        <pre class="nohighlight">
web-did = "did:web:" domain-name
web-did = "did:web:" domain-name * (":" path)
        </pre>

        <pre class="example nohighlight" title="Example Web Method DIDs">
did:web:w3c-ccg.github.io

did:web:w3c-ccg.github.io:user:alice
        </pre>
      </section>

      <section>
        <h2>
JSON-LD context definition
        </h2>
        <p>
The definition of the Web DID JSON-LD context is:
        </p>

        <pre title="Web DID method JSON-LD context">
{
    "@context":
    {
        "ethereumAddress": "https://github.com/uport-project/ethr-did-resolver#ethereumAddress",
        "Secp256k1VerificationKey2018": "https://github.com/uport-project/ethr-did-resolver#Secp256k1VerificationKey2018",
        "Secp256k1SignatureAuthentication2018": "https://github.com/uport-project/ethr-did-resolver#Secp256k1VerificationKey2018",
    }
}
        </pre>
        <p class="issue" title="Update context">
Bring the context definition in line with latest DID Core.
        </p>
      </section>

      <section>
        <h2>
DID method operations
        </h2>
        <section>
          <h3>
Create (Register)
          </h3>
          <p>
Creating a DID is done by:
          </p>
          <ol>
            <li>
applying at a domain name registrar for use of a domain name and
            </li>
            <li>
storing the location of a hosting service, the IP address at a DNS lookup
service
            </li>
            <li>
creating the DID document JSON-LD file including a suitable keypair, e.g.,
using the Koblitz Curve, and storing the <code>did.json</code> file under the
well-known URL to represent the entire domain, or under the specified path if
many DIDs will be resolved in this domain.
            </li>
          </ol>

          <p>
For example, for the domain name `w3c-ccg.github.io`, the `did.json` will be
available under the following URL:
          </p>

          <pre class="example nohighlight" title="Creating the DID">
did:web:w3c-ccg.github.io
 -> https://w3c-ccg.github.io/.well-known/did.json
          </pre>

          <p>
If an optional path is specified rather the bare domain, the
<code>did.json</code> will be available under the specified path:
          </p>

          <pre class="example nohighlight" title="Creating the DID with optional path">
did:web:w3c-ccg.github.io:user:alice
 -> https://w3c-ccg.github.io/user/alice/did.json
          </pre>

        </section>

        <section>
          <h3>
Read (Resolve)
          </h3>
          <p>
The following steps MUST be executed to resolve the DID document from a Web
DID:
          </p>

          <ol>
            <li>
Replace ":" with "/" in the method specific identifier to obtain the fully
qualified domain name and optional path.
            </li>
            <li>
Generate an HTTPS URL to the expected location of the DID document by
prepending <code>https://</code>.
            </li>
            <li>
If no path has been specified in the URL, append <code>/.well-known</code>.
            </li>
            <li>
Append <code>/did.json</code> to complete the URL.
            </li>
            <li>
Perform an HTTP <code>GET</code> request to the URL using an agent that can
successfully negotiate a secure HTTPS connection, which enforces the security
requirements as described in <a href="#security-and-privacy-considerations"></a>.
            </li>
          </ol>

          <p class="issue" data-number="13">
The read mechanism does not provide any sort of auditability on the DID, which
leaves this DID Method open to insider-threat attacks, among others.
          </p>

          <p class="issue" data-number="14">
Reads enable pervasive tracking of DID use across the Internet. There is
currently no mitigation for this privacy-violating mechanism.
          </p>
        </section>

        <section>
          <h3>
Update
          </h3>
          <p>
To update the DID document, the <code>did.json</code> has to be updated.
Please note that the DID will remain the same, but the contents of the DID
document could change, e.g., by including a new verification key or adding
service endpoints.
          </p>

          <p class="issue" data-number="12">
This DID method does not specify any authentication or authorization mechanism
for writing to the DID Document, leaving it up to implementations to protect
from modification by an attacker.
          </p>

          <p class="note" title="HTTP API">
There is no HTTP API specified for the update process leaving programmatic
registrations and management to be defined by each implementation.
          </p>
        </section>

        <section>
          <h3>
Deactivate (Revoke)
          </h3>
          <p>
To delete the DID document, the <code>did.json</code> has to be removed or has
to be no longer publicly available due to any other means.
          </p>
        </section>
      </section>

      <section class="informative">
        <h2>
Security and privacy considerations
        </h2>

        <section>
          <h3>
DNS Considerations
          </h3>

          <p class="issue" title="DNS tracking">
Add warning - all resolutions of a did:web identifier using DNS are centrally
logged, enabling pervasive tracking mechanisms.
          </p>

          <p class="issue" title="DNS security">
Add discussion of DNSCrypt and DNS Security Extensions (DNSSEC) and similar
methods as possible mitigation tools.
          </p>

        </section>

        <section>
          <h3>
DID Document Integrity Verification
          </h3>

          <p class="issue" title="Hashlinks">
Add discussion of using <a
href="https://tools.ietf.org/html/draft-sporny-hashlink">Hashlinks</a> to aid
integrity protection and verification of the DID document.
          </p>

        </section>
        <section>
          <h3>
In-transit Security
          </h3>

          <p>
At least TLS 1.2 should be configured to use only strong ciphers suites and to
use sufficiently large key sizes. As recommendations may be volatile these days,
only the very latest recommendations should be used. However, as a rule of
thumb, the following must be used:
          </p>

          <ul>
            <li>
Ephemeral keys are to be used.
            </li>
            <li>
ECDHE with one of the strong curves {X25519, brainpoolP384r1, NIST P-384,
brainpoolP256r1, NIST P-256} shall be used as key exchange.
            </li>
            <li>
AESGCM or ChaCha20 with 256 bit large keys shall be used for bulk encryption
            </li>
            <li>
ECDSA with one of the strong curves {brainpoolP384r1, NIST P-384,
brainpoolP256r1, NIST P-256} or RSA (at least 3072) shall be used.
            </li>
            <li>
Authenticated Encryption with Associated Data (AEAD) shall be used as Mac.
            </li>
            <li>
At least SHA256 shall be used, but SHA384 or POLY1305 are recommended.
            </li>
          </ul>

          <p>
Examples of strong SSL/TLS configurations for now are:
          </p>
          <ul>
            <li>
<code>ECDHE-ECDSA-AES256-GCM-SHA384, TLSv1.2, Kx=ECDH, Au=ECDSA,
Enc=AESGCM(256), Mac=AEAD</code>
            </li>
            <li>
<code>ECDHE-RSA-AES256-GCM-SHA384, TLSv1.2, Kx=ECDH, Au=RSA Enc=AESGCM(256),
Mac=AEAD</code>
            </li>
            <li>
<code>ECDHE-ECDSA-CHACHA20-POLY1305, TLSv1.2, Kx=ECDH, Au=ECDSA,
Enc=ChaCha20-Poly1305, Mac=AEAD</code>
            </li>
            <li>
<code>ECDHE-RSA-CHACHA20-POLY1305, TLSv1.2, Kx=ECDH, Au=RSA,
Enc=ChaCha20-Poly1305, Mac=AEAD</code>
            </li>
            <li>
<code>ECDHE-RSA-AES256-GCM-SHA384, TLSv1.2, Kx=ECDH, Au=RSA,
Enc=AESGCM(256), Mac=AEAD</code>
            </li>
            <li>
<code>ECDHE-ECDSA-AES256-GCM-SHA384, TLSv1.2, Kx=ECDH, Au=ECDSA,
Enc=AESGCM(256), Mac=AEAD</code>
            </li>
          </ul>

          <p>
It is recommended to adhere to OWASP's Transport Layer Protection Cheat Sheet
[[OWASP-TRANSPORT]] latest recommendations for hardening TLS configurations.
          </p>

          <p>
Delete action can be performed by domain name registrars or DNS lookup
services.
          </p>

        </section>

        <section>
          <h3>
Optional Path Considerations
          </h3>
          <p>
When optional paths to DID documents are used to resolve documents rather than
bare domains, verification with signed data proves that the entity in control
of the file indicated in the path has the private keys. It does not prove that
the domain operator has the private keys.
          </p>

          <p>
This example:
          </p>

          <pre class="nohighlight">
did:web:example.com:u:bob
          </pre>
          <p>
resolves to the DID document at:
          </p>
          <pre class="nohighlight">
https://example.com/u/bob/did.json
          </pre>
          <p>
In this scenario, it is probable that example.com has given user Bob control
over the DID in question, and proofs of control refer to Bob rather than all
of example.com.
          </p>
        </section>
      </section>
    </section>

    <section class="appendix informative">
      <h1>
Reference implementations
      </h1>
      <p>
The code at <a href="https://github.com/uport-project/https-did-resolver">uport-project/https-did-resolver</a>
is intended to present a reference implementation of this DID method. Any
other implementations should ensure that they pass the test suite described in
<code>/src/__tests__</code> before claiming compatibility.
      </p>
    </section>
  </body>
</html>