lsd0005

LSD0005: GNS DID Method Specification

commit b136746c85d285f18b56d00f38040a615b76607b
parent 192b4c07106d35bb1ebacf6886dca3e08f73de0b
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date:   Mon, 22 Aug 2022 11:33:16 +0200

text

Diffstat:
M draft-schanzen-didgns.xml | 106 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++------------
1 file changed, 91 insertions(+), 15 deletions(-)

diff --git a/draft-schanzen-didgns.xml b/draft-schanzen-didgns.xml @@ -98,8 +98,8 @@ </t> <figure anchor="figure_did" title="The GNS DID format"> <artwork name="" type="" align="left" alt=""><![CDATA[ -gns-did = "did:gns": ego-pubkey[ did-fragment ] -ego-pubkey = Base32GNS(zk)\\ +gns-did = "did:gns:" ego-pubkey +ego-pubkey = Base32GNS(zk) ]]></artwork> </figure> <t> 
@@ -114,25 +114,85 @@ did:gns:000G057G3NM5FCGEDF35DBE6Y1R7QEFF7GJA9KXVK9KMT336XWKBY1M2XC </section> <section> <name>Method operations</name> - <t> - TODO - </t> <section> <name>Create (Register)</name> <t> - When a user creates a new DID and its associated DID document - the \emph{gnunet-did} program first creates a new ego using the GUNuet Identity -service. -It then uses the public key of the returned ego to generate the DID after the previously -described format \ref{reclaim DID format} and generates the default DID document -\ref{listing:standard_did_doc}. -The new DID document is sent to STDOUT. -GNUnet Namestore is used to store the DID document as a TXT record in the root of -the egos GNS zone using the empty label \emph{@}. -It takes some time until the new record propagates through the GNU Name System. + In order to create and register a new GNS DID, a new GNS zone key + must be created as defined in Section 4 of <xref target="I-D.draft-schanzen-gns"/>. + The zone can then be populated with an DID Document. + DID Documents are stored as records of type <tt>DID_DOCUMENT</tt>. + DID Document records are published under the Apex Label. + Record expiration must be chosen carefully in order to facilitate + deletion (revocation) and updates of the DID Document and depends on + the use case and user preference. + </t> + </section> + <section> + <name>Read (Resolve)</name> + <t> + In order to resolve a GNS DID, the public zone key is extracted + from the the DID. + The zone key is used in combination with the Apex Label in order to + resolve a resource record of type <tt>DID_DOCUMENT</tt> as defined in + Section 7 of <xref target="I-D.draft-schanzen-gns"/>. + </t> + </section> + <section> + <name>Update</name> + <t> + In order to update the DID Document of a GNS DID, the resource record + data of the DID is updated. 
+ The updated DID Document will be available through GNS as soonn as + the old records expire in GNS or the updated records are disseminated + through the network. + </t> + </section> + <section> + <name>Delete (Revoke)</name> + <t> + In order to revoke a DID, the registered DID Document resource record + is removed from the zone and no longer published. + It will cease to be available as soon as it reaches its expiration + date. + In this case, the DID may be "revived" at a later point in time + should the zone owner choose to do so. + </t> + <t> + Alternatively, the zone itself may be revoked according to Section 4.2 + of <xref target="I-D.draft-schanzen-gns"/>. + However, this also prevents any future use of the zone keys. + </t> + <t> + For temporary deletion of a DID, the depublication of the resource + record is recommended. + For <b>revocation</b> of a DID, the zone revocation mechanism in GNS + is recommended. </t> </section> </section> + <section anchor="gana" numbered="true" toc="default"> + <name>GANA Considerations</name> + <t> + GANA <xref target="GANA" /> + manages the "GNU Name System Record Types" registry. + </t> + <t> + GANA is asked to register the record types defined in this + specification in the "GNU Name System Record Types" registry + as listed in <xref target="figure_rrtypenums"/>. + </t> + <figure anchor="figure_rrtypenums" title="The GANA Resource Record Registry Modification."> + <artwork name="" type="" align="left" alt=""><![CDATA[ +Number | Name | Contact | References | Comment +-------+---------------+---------+------------+------------- +65566 | DID_DOCUMENT | N/A | [This.I-D] | DID Document + ]]></artwork> + </figure> + <t> + The <tt>DID_DOCUMENT</tt> resource record payload wire format consists + of a single string representing a DID Document. + </t> + </section> </middle> <back> <references> 
@@ -140,6 +200,22 @@ It takes some time until the new record propagates through the GNU Name System. &RFC2119; &RFC8174; + <reference anchor="I-D.draft-schanzen-gns" target="https://datatracker.ietf.org/doc/draft-schanzen-gns/"> + <front> + <title>The GNU Name System</title> + <author initials="M." surname="Schanzenbach" fullname="Martin Schanzenbach"> + <organization>GNUnet e.V.</organization> + </author> + <author initials="C." surname="Grothoff" fullname="Christian Grothoff"> + <organization>GNUnet e.V.</organization> + </author> + <author initials="B." surname="Fix" fullname="Bernd Fix"> + <organization>GNUnet e.V.</organization> + </author> + <date year="2021"/> + </front> + </reference> + </references> <references> <name>Informative References</name>
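Review bot: In the first hunk (@@ -98,8 +98,8 @@, figure_did), dropping `[ did-fragment ]` leaves the grammar with no way to express a DID URL fragment, and the visible text does not say whether fragments are now disallowed or deferred to the generic DID URL syntax. Add a sentence after the figure stating which it is, so that an implementation extracting the zone key from a DID knows how to treat a trailing `#...` part. The colon fix (`"did:gns:"`) and the removal of the stray `\\` look right.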
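Review bot: In the second hunk (@@ -114,25 +114,85 @@), Delete (Revoke) says a depublished record stays available until "it reaches its expiration date", while Create only says expiration "must be chosen carefully", so the window in which a removed or replaced DID Document still resolves is left unbounded. Suggest stating in Create that the record expiration is the upper bound on how long a deleted or outdated document remains resolvable, and, since RFC 2119 and RFC 8174 are referenced, writing the requirement keywords in uppercase (MUST, RECOMMENDED) or rewording them so they are clearly non-normative. Smaller points in the same hunk: the typos "an DID Document", "the the DID" and "soonn"; `<b>revocation</b>` is not an RFCXML v3 element (use `<strong>`); and the GANA section's "a single string" should name the encoding and serialization of the `DID_DOCUMENT` payload.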
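Review bot: In the third hunk (@@ -140,6 +200,22 @@), the new `I-D.draft-schanzen-gns` reference has no `<seriesInfo>` or draft revision and only `<date year="2021"/>`, yet the text added in the second hunk cites it by section number (Section 4, Section 4.2, Section 7), and those numbers can shift between draft revisions. Pin the revision the section numbers refer to with a `<seriesInfo name="Internet-Draft" value="..."/>` element and set the date to match. Also check that a reference with anchor `GANA` exists elsewhere in the file, since `<xref target="GANA" />` is introduced by this patch and no matching `<reference>` appears in the visible lines.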