Add provisional registration for did:me method#666
Conversation
This PR adds a provisional DID method entry for did:me. • Method name: me • Status: provisional • Specification: https://did-me.org/spec/v1/ did:me defines a lifecycle-controlled DID model with deterministic canonical state validation. Authoritative state is defined by a signed canonical core chain (canonical DAG-CBOR addressed by CID). Method validity is derived from this signed chain rather than a global consensus layer. The specification includes normative conformance requirements, security considerations, and a versioned JSON-LD context.
swcurran
left a comment
There was a problem hiding this comment.
Looks good. and meets the minimum requirements for registration.
Some suggestions that I think would improve the spec:
- In a number of places in the rendered specs, bullet lists are incorrectly displayed as paragraphs.
- There should be a privacy considerations section, along with the security considerations.
- It would be nice to have external links to terms used in the spec, such as "Bech32-encoded string" and "HRP" from the first section.
|
/ai-review |
🤖 AI Preliminary Specification ReviewThis is an advisory, automated review of the DID Method specification(s) referenced in this pull request, checked against the registration checklist. It does not replace review by the registry editors.
|
| Item | Level | Status | Notes | |
|---|---|---|---|---|
| ✅ | M1. Specification is reachable and is a DID Method specification | MUST | pass | |
| ✅ | M2. DID Method Syntax is defined | MUST | pass | |
| ✅ | M3. CRUD operations are defined | MUST | pass | |
| ✅ | M4. Security Considerations section is present and substantive | MUST | pass | |
| ❌ | M5. Privacy Considerations section is present and substantive | MUST | fail | There is no Privacy Considerations section anywhere in the specification. The table of contents and body contain a Security Considerations section but no Privacy Considerations section, despite the method handling personas, correlation identifiers (alsoKnownAs), biometrics, and device metadata that raise clear privacy concerns. |
| ✅ | M6. Method name is indicative and non-generic | MUST | pass | |
| ✅ | M7. No unreasonable legal, security, moral, or privacy harms | MUST | pass | |
| ✅ | M8. Human-readable description of the addition | MUST | pass | |
| S1. contactEmail present | OPTIONAL | warn | The contactEmail field is present in the JSON but is empty. | |
| ✅ | S2. verifiableDataRegistry present | OPTIONAL | pass | |
| S3. Intellectual-property posture is clear | SHOULD | warn | The specification contains no explicit IP/copyright/licensing statement; this is a warning, not a failure. |
----- DID METHOD REGISTRATION FORM: DELETE EVERYTHING ABOVE THIS LINE ------
DID Method Registration
As a DID method registrant, I have ensured that my DID method registration complies with the following statements:
contactEmailaddress [OPTIONAL].verifiableDataRegistryentry [OPTIONAL].This PR adds a provisional DID method entry for did:me.
• Method name: me
• Status: provisional
• Specification: https://did-me.org/spec/v1/
did:me defines a lifecycle-controlled DID model with deterministic canonical state validation. Authoritative state is defined by a signed canonical core chain (canonical DAG-CBOR addressed by CID). Method validity is derived from this signed chain rather than a global consensus layer.
The specification includes normative conformance requirements, security considerations, and a versioned JSON-LD context.