-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Updates the pre-rotation and witnesses sections with feedback from the first set of updates #159
Conversation
…e first set of updates Signed-off-by: Stephen Curran <[email protected]>
I am not totally comfortable with the disable prerotation feature. See comment in #151 |
Signed-off-by: Stephen Curran <[email protected]>
Signed-off-by: Stephen Curran <[email protected]>
Signed-off-by: Stephen Curran <[email protected]>
… nextKeyHashes, updateKeys or witnesses Signed-off-by: Stephen Curran <[email protected]>
So with the new |
If a parameter is left off it should carry on with its old value, although in this case the update would be invalid because we require it to be changed (once set). My perspective was that parameters that have never been set default to |
Need to get to a final answer on this.
As noted in the spec, a missing value in the parameters means “unchanged from the previous value”. As Andrew notes, some parameters add rules of when that a missing value is unacceptable — e.g. parameters that MUST be in the first entry, and the pre-rotation parameters that MUST be in every entry when active. After writing this, my leaning is 2 above. |
…ated using null and define defaults for parameters Signed-off-by: Stephen Curran <[email protected]>
Added commit to limit array parameters ( |
Signed-off-by: Stephen Curran <[email protected]>
Add a last tweak -- made explicit that they array parameters MUST NOT be set to an empty list. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
All of my comments are of the "take it or leave it" type
spec/specification.md
Outdated
- If not explicitly set in the first [[ref: log entry]], it is set to `false`. | ||
- Once the value has been set to `false`, it cannot be set back to `true`. | ||
- If not explicitly set in the first [[ref: log entry]], it **MUST** be set to `false`. | ||
- Once the value has been explicitly to `false` in a [[ref: DID log entry]], it **MUST NOT** be set back to `true`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- Once the value has been explicitly to `false` in a [[ref: DID log entry]], it **MUST NOT** be set back to `true`. | |
- Once the value has been explicitly set to `false` in a [[ref: DID log entry]], it **MUST NOT** be set back to `true`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
- `portable`: A boolean (`true` / `false`) indicating if the DID is portable and | ||
thus can be renamed to change the Web location of the DID. | ||
- The value can **ONLY** be set to `true` in the first [[ref: log entry]], the initial version of the DID. | ||
- If not explicitly set in the first [[ref: log entry]], it is set to `false`. | ||
- Once the value has been set to `false`, it cannot be set back to `true`. | ||
- If not explicitly set in the first [[ref: log entry]], it **MUST** be set to `false`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this kind of reads funny as it's not really a MUST it is just a fact.
- If not explicitly set in the first [[ref: log entry]], it **MUST** be set to `false`. | |
- If not explicitly set in the first [[ref: log entry]], its value is set to `false`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think leaving it as being testable makes sense. Leaving this one.
@@ -610,12 +638,21 @@ properties are defined below. | |||
- The process for generating the hashes and additional details for using [[ref: pre-rotation]] are defined in the | |||
[Pre-Rotation Key Hash Generation and Verification](#pre-rotation-key-hash-generation-and-verification) | |||
section of this specification. | |||
- Once the [[ref: parameter]] `nextKeyHashes` has been set, the [[ref: Key Pre-Rotation]] feature becomes active and the property **MUST** be present in any future [[ref: DID log entry]]. | |||
- If not explicitly set in the first [[ref: DID Log entry]], its value **MUST** be `null`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same as above
- If not explicitly set in the first [[ref: DID Log entry]], its value **MUST** be `null`. | |
- If not explicitly set in the first [[ref: DID Log entry]], its value is `null`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No change
spec/specification.md
Outdated
pre-rotation. For additional details about turning off [[ref: pre-rotation]] | ||
see the [pre-rotation](#pre-rotation-key-hash-generation-and-verification) | ||
section of this specification. | ||
- `nextKeyHashes` **MUST NOT** be set to an empty list `[]`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- `nextKeyHashes` **MUST NOT** be set to an empty list `[]`. | |
- `nextKeyHashes` **MUST** have at least 1 entry and **MUST NOT** be set to an empty list `[]`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed in all three places.
be deactivated. See the [deactivate (revoke)](#deactivate-revoke) section of | ||
this specification for more details. | ||
- If the `witness` property is not set in the first [[ref: DID log entry]], | ||
its value **MUST** be null. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
its value **MUST** be null. | |
its value is null. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No change
spec/specification.md
Outdated
this specification for more details. | ||
- If the `witness` property is not set in the first [[ref: DID log entry]], | ||
its value **MUST** be null. | ||
- `witness` **MUST NOT** be set to an empty list `[]`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- `witness` **MUST NOT** be set to an empty list `[]`. | |
- `witness` **MUST** have at least 1 entry and **MUST NOT** be set to an empty list `[]`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
- If the `witness` property is not set in the first [[ref: DID log entry]], | ||
its value **MUST** be null. | ||
- `witness` **MUST NOT** be set to an empty list `[]`. | ||
- `deactivated`: A JSON boolean that **MUST** be initialized to `false` and |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- `deactivated`: A JSON boolean that **MUST** be initialized to `false` and | |
- `deactivated`: A JSON boolean that is initialized to `false` and |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No change
its value **MUST** be null. | ||
- `witness` **MUST NOT** be set to an empty list `[]`. | ||
- `deactivated`: A JSON boolean that **MUST** be initialized to `false` and | ||
**SHOULD** be set to `true` when the DID is to be deactivated but remains |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
**SHOULD** be set to `true` when the DID is to be deactivated but remains | |
**MUST** be set to `true` when the DID is to be deactivated but remains |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Left as is. In the deactivate section we left it. If a DID is "deactivated" by removing the JSONL file, for example, no need to set deactivate to true. I wanted to leave that open.
Signed-off-by: Stephen Curran <[email protected]>
Adjusts the recently changes pre-rotation and witness section, addressing a number of issues:
did-witness.json
data model to make theversionId
what is signed (also issue Is it sufficient for a witness to sign only the versionId of the entry? #142)The goal is that this PR should complete the changes needed in v0.5 -- including the renaming.
Please review carefully!