Git +DID pt. 2.1

From IIW

GIT + DID (Part 2.1)


Wednesday 7H

Convener: Dave Huseby

Notes-taker(s): Thomas Berry


Tags for the session - technology discussed/ideas considered:



Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


  • DIDs for repos
  • DIDs for DID docs int-repo
  • What does CRUD mean in this context


did:git:  foo_bar_<keyid>


Is there an identifier that can represent the tree?


did:git:<sha1 of genesis commit>:<path to did doc>


Root of trust is you’re talking to the same git tree


PGP signatures are not self resolving; no public keys

  1. Build a signing tool to add signature on commit
  2. Signature would included as did string
  3. Before you want to commit you have to send a did document
  4. Then, the repo itself can be self-verifying proving a proof of work


Git as a blockchain “we get our revenge”


The original maintainers of the chain need to have consent

  • need genesis (of your trust)
  • Signed by initial maintainers
  • SHA1 (git going to SHA-2 [or better] at some point [by end of year]) of commit is unique identifier for the repo



multi party computation (MPC)


You now have the ownership key of the blockchain

They just have to sign something to anchor to the chain



“I want to write a unit test to check if the code meets a spec” W3C can verify

  • Single DID doc
    • Well-known name (.git/genesis), or better name:  “we got this” “not the did doc you’re looking for”
    • DID doc blocks for keys of maintainers


Commentary:

  • DID spec includes a query spec; W3C won’t publish a version that includes it (not true)
  • It includes resolution and did referencing
  • What would a path mean? What would a query mean?
  • In a pull request in the did spec, if there is no path, then it has to invoke a service endpoint
  • Path = repo relative path to did doc
  • SHA1 genesis is the repository
  • Git as blockchain; push is a transaction to the blockchain