Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updates the pre-rotation and witnesses sections with feedback from the first set of updates #159

Merged
merged 10 commits into from
Dec 20, 2024

Conversation

swcurran
Copy link
Collaborator

Adjusts the recently changes pre-rotation and witness section, addressing a number of issues:

The goal is that this PR should complete the changes needed in v0.5 -- including the renaming.

Please review carefully!

@swcurran swcurran requested review from a team December 11, 2024 23:54
@brianorwhatever
Copy link
Contributor

I am not totally comfortable with the disable prerotation feature. See comment in #151

spec/specification.md Outdated Show resolved Hide resolved
spec/specification.md Outdated Show resolved Hide resolved
spec/specification.md Outdated Show resolved Hide resolved
spec/specification.md Outdated Show resolved Hide resolved
spec/specification.md Outdated Show resolved Hide resolved
Signed-off-by: Stephen Curran <[email protected]>
… nextKeyHashes, updateKeys or witnesses

Signed-off-by: Stephen Curran <[email protected]>
@brianorwhatever
Copy link
Contributor

So with the new null option for nextKeyHashes what about undefined aka the parameter is left off. This should definitely be a failure case right?

@andrewwhitehead
Copy link
Contributor

andrewwhitehead commented Dec 19, 2024

So with the new null option for nextKeyHashes what about undefined aka the parameter is left off. This should definitely be a failure case right?

If a parameter is left off it should carry on with its old value, although in this case the update would be invalid because we require it to be changed (once set).

My perspective was that parameters that have never been set default to null and they can be reset to null (since undefined isn't supported in JSON). Although we could also define default (implicit) values for each parameter.

@swcurran
Copy link
Collaborator Author

Need to get to a final answer on this.

  1. We could add to the spec that all parameters are initialized to null.
  2. We could add the default to null and remove the empty list “[]” option for the array items, leaving only null — used initially and when reset.

As noted in the spec, a missing value in the parameters means “unchanged from the previous value”. As Andrew notes, some parameters add rules of when that a missing value is unacceptable — e.g. parameters that MUST be in the first entry, and the pre-rotation parameters that MUST be in every entry when active.

After writing this, my leaning is 2 above.

@swcurran swcurran requested review from brianorwhatever and a team December 19, 2024 23:57
@swcurran
Copy link
Collaborator Author

Added commit to limit array parameters (witness, nextKeyHashes, updateKeys) to be deactivated by null, removing the option of using of empty list []. Also went through the parameters and formalized their default values where not previously explicit, and how to use null to deactive them (where needed).

@swcurran
Copy link
Collaborator Author

Add a last tweak -- made explicit that they array parameters MUST NOT be set to an empty list.

Copy link
Contributor

@brianorwhatever brianorwhatever left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All of my comments are of the "take it or leave it" type

- If not explicitly set in the first [[ref: log entry]], it is set to `false`.
- Once the value has been set to `false`, it cannot be set back to `true`.
- If not explicitly set in the first [[ref: log entry]], it **MUST** be set to `false`.
- Once the value has been explicitly to `false` in a [[ref: DID log entry]], it **MUST NOT** be set back to `true`.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- Once the value has been explicitly to `false` in a [[ref: DID log entry]], it **MUST NOT** be set back to `true`.
- Once the value has been explicitly set to `false` in a [[ref: DID log entry]], it **MUST NOT** be set back to `true`.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

- `portable`: A boolean (`true` / `false`) indicating if the DID is portable and
thus can be renamed to change the Web location of the DID.
- The value can **ONLY** be set to `true` in the first [[ref: log entry]], the initial version of the DID.
- If not explicitly set in the first [[ref: log entry]], it is set to `false`.
- Once the value has been set to `false`, it cannot be set back to `true`.
- If not explicitly set in the first [[ref: log entry]], it **MUST** be set to `false`.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this kind of reads funny as it's not really a MUST it is just a fact.

Suggested change
- If not explicitly set in the first [[ref: log entry]], it **MUST** be set to `false`.
- If not explicitly set in the first [[ref: log entry]], its value is set to `false`.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think leaving it as being testable makes sense. Leaving this one.

@@ -610,12 +638,21 @@ properties are defined below.
- The process for generating the hashes and additional details for using [[ref: pre-rotation]] are defined in the
[Pre-Rotation Key Hash Generation and Verification](#pre-rotation-key-hash-generation-and-verification)
section of this specification.
- Once the [[ref: parameter]] `nextKeyHashes` has been set, the [[ref: Key Pre-Rotation]] feature becomes active and the property **MUST** be present in any future [[ref: DID log entry]].
- If not explicitly set in the first [[ref: DID Log entry]], its value **MUST** be `null`.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same as above

Suggested change
- If not explicitly set in the first [[ref: DID Log entry]], its value **MUST** be `null`.
- If not explicitly set in the first [[ref: DID Log entry]], its value is `null`.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No change

pre-rotation. For additional details about turning off [[ref: pre-rotation]]
see the [pre-rotation](#pre-rotation-key-hash-generation-and-verification)
section of this specification.
- `nextKeyHashes` **MUST NOT** be set to an empty list `[]`.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- `nextKeyHashes` **MUST NOT** be set to an empty list `[]`.
- `nextKeyHashes` **MUST** have at least 1 entry and **MUST NOT** be set to an empty list `[]`.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in all three places.

be deactivated. See the [deactivate (revoke)](#deactivate-revoke) section of
this specification for more details.
- If the `witness` property is not set in the first [[ref: DID log entry]],
its value **MUST** be null.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
its value **MUST** be null.
its value is null.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No change

this specification for more details.
- If the `witness` property is not set in the first [[ref: DID log entry]],
its value **MUST** be null.
- `witness` **MUST NOT** be set to an empty list `[]`.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- `witness` **MUST NOT** be set to an empty list `[]`.
- `witness` **MUST** have at least 1 entry and **MUST NOT** be set to an empty list `[]`.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

- If the `witness` property is not set in the first [[ref: DID log entry]],
its value **MUST** be null.
- `witness` **MUST NOT** be set to an empty list `[]`.
- `deactivated`: A JSON boolean that **MUST** be initialized to `false` and
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- `deactivated`: A JSON boolean that **MUST** be initialized to `false` and
- `deactivated`: A JSON boolean that is initialized to `false` and

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No change

its value **MUST** be null.
- `witness` **MUST NOT** be set to an empty list `[]`.
- `deactivated`: A JSON boolean that **MUST** be initialized to `false` and
**SHOULD** be set to `true` when the DID is to be deactivated but remains
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
**SHOULD** be set to `true` when the DID is to be deactivated but remains
**MUST** be set to `true` when the DID is to be deactivated but remains

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left as is. In the deactivate section we left it. If a DID is "deactivated" by removing the JSONL file, for example, no need to set deactivate to true. I wanted to leave that open.

@swcurran swcurran merged commit b9ec8d7 into decentralized-identity:main Dec 20, 2024
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants