Merge pull request #136 from swcurran/witness-json

Update the specification of the witness process to put the witness proofs in a separate file
decentralized-identity · Nov 29, 2024 · 25d3ab1 · 25d3ab1
2 parents f6289ef + 5f0af1f
commit 25d3ab1
Show file tree

Hide file tree

Showing 4 changed files with 248 additions and 141 deletions.
diff --git a/README.md b/README.md
@@ -10,6 +10,18 @@ Proof of concept implementations available:
 - Python: [https://github.com/bcgov/trustdidweb-py](https://github.com/bcgov/trustdidweb-py)
 - Go: [https://github.com/nuts-foundation/trustdidweb-go](https://github.com/nuts-foundation/trustdidweb-go)
 
+## Current Status of the Specification -- updated: 2024-11-29
+
+The current stable version of the specification is **v0.4**. It is the landing page
+of the [rendered specification](https://identity.foundation/trustdidweb/) and
+has been snapshotted into the `spec-v0.4` folder in this repo. Active work is happening (in
+the `spec`) folder on the next version of the specification ([rendered
+here](https://identity.foundation/trustdidweb/next)). The editors will announce
+when that new version is stable, assigned a version number, and becomes the next
+current version of the specification. Updates in that version will included at
+least changes in the pre-rotation handling, witnesses, and will include a name
+change to the DID Method.
+
 ## Abstract
 
 The `did:tdw` (Trust DID Web) method is an enhancement to the

diff --git a/spec/definitions.md b/spec/definitions.md
@@ -29,7 +29,7 @@ in the [[spec:DID-CORE]].
 
 ~ A DID Document as defined by the [[spec: DID-Core]] -- the document returned when a DID is resolved.
 
-[[def: did:key]]
+[[def: did:key, `did:key`]]
 
 ~ `DID:key`...
 
@@ -60,7 +60,7 @@ when forced to change (such as when an organization is acquired by another,
 resulting in a change of domain names) and when changing DID hosting service
 providers.
 
-[[def: did:web]]
+[[def: did:web, `did:web`]]
 
 ~ `did:web` as described in the [W3C specification](https://w3c-ccg.github.io/did-method-web/)
 is a DID method that leverages the Domain Name System (DNS) to perform the DID operations.
@@ -131,7 +131,7 @@ in this specification as permitted.
 
 [[def: multi-sig, multisig]]
 
-~ A cryptographic signature that to be valid **MUST** contain a defined threshold
+~ A cryptographic signature that to be valid **MUST** contain a defined [[ref: threshold]]
 (for example, 4 of 7) individual signatures to be considered valid. The
 multi-signature key reference points to a verification method that defines what
 keys may contribute to the signature, and under what conditions the
@@ -174,6 +174,14 @@ and approves it according to its ecosystem governance (whatever that might be).
 approval process results are positive, witnesses returns to the DID Controller a [[ref: Data Integrity]] proof
 attesting to that positive result.
 
+[[def: threshold, witness threshold]]
+
+~ An algorithm that defines when a sufficient number of [[ref: witnesses]] have
+submitted valid [[ref: Data Integrity]] proofs for a [[ref: DID Log entry]] such
+that it is approved and can be published. The algorithm details are in the
+[Witness Threshold Algorithm](#witness-threshold-algorithm) section of this
+specification.
+
 [[def: W3C VCDM]]
 
 ~ A Verifiable Credential that uses the Data Model defined by the W3C [[spec: W3C-VC]] specification.