Correct inappropriate uses of w3id.org domain

[selfissued]

Here are the comments from my spec review about this:

https://www.w3.org/TR/2024/WD-controller-document-20240817/#processing-errors
The spec says "The type value of the error object MUST be a URL that starts with the value https://w3id.org/security# and ends with the value in the section listed below." To my understanding, w3id.org is not a domain controlled by the W3C or another standards organization, and so is inappropriate to include in a normative requirement. Please change this reference to a domain and path controlled by the W3C, for instance https://w3.org/controller-document/security#.

An alternate resolution to this issue that would be acceptable would be for the current owner of w3id.org to transfer ownership to the W3C and for the W3C to create a change control process for the content at the domain that is approved by the TAG.

https://www.w3.org/TR/2024/WD-controller-document-20240817/#multibase
As in a previous comment, please change the use of https://w3id.org/security#multibase to a URL controlled by the W3C, for the same reasons.

[msporny]

The group already discussed the https://w3id.org/security# URL and came to consensus on using it.

[selfissued]

Particularly given the misleading nature of the name, which includes "w3" making it appear to be affiliated with the W3C, we should consider asking the owner to transfer ownership to the W3C, which would likely be the cleanest resolution to the issue.

[msporny]

The use of w3id.org was discussed extensively in w3c/vc-data-model#947. The group made a consensus-based decision to continue using it in its current form and use cryptographic hashes to identify the documents which ultimately live at W3C.

We have contemplated moving w3id.org management to W3C, and that would be fine by me, but W3C's systems team (the last time we asked) didn't want to add managing that site to their list of sites that they manage. That was 10 years ago, perhaps they might change their mind this time around, but if they do accept it, this becomes a non-issue, and if they don't accept it, this is still a non-issue.

[selfissued]

It remains an issue until the ownership of w3id.org is transferred to the W3C or its use is removed from our specifications.

[iherman]

This issue was already raised by the W3C management. See the DI CR transition request comments, in particular w3c/transitions#573 (comment), and then an answer in w3c/transitions#573 (comment). The management accepted the situation as is in w3c/transitions#573 (comment).

I do not think we should re-open the issue.

[iherman]

The issue was discussed in a meeting on 2024-09-04

• no resolutions were taken

View the transcript

2.7. Correct inappropriate uses of w3id.org domain (issue controller-document#66)

See github issue controller-document#66.

Brent Zundel: Mike Jones raised this issues about w3id.org.
… we have had extensive conversations about this in the past.
… which makes this more a topic for w3m than for us.

Michael Jones: I suggest not taking our time on this now.
… there's a conversation about this that may happen at TPAC.
… but manu provided enough context that made it clear that it's not our decision.

Ivan Herman: it's not our decision and the decision has already been made by w3m.
… the decision was that w3id.org be used.

Brent Zundel: you said a decision was made.

Ivan Herman: the decision was that w3id.org could be used and leave it as it is.

Brent Zundel: the conversation with w3m was an ask to make it an official w3c domain.
… but like selfissued said, there are conversations to be had at TPAC.

Manu Sporny: just going to add some history.
… we did ask w3c 10 years ago to run w3id.org.
… they said no, they were too busy with the maintenance of other systems.
… by now w3id.org has 9k+ redirects.
… I'd be in favor of the W3C taking this over.
… but at the same time, this is completely orthogonal to this WG.
… we have hashes on all the contexts to avoid questions of origins of the documents.

Brent Zundel: k. I'm going to remove both labels from the issue.

Manu Sporny: I don't think we should leave this open. we have to close them all.

Brent Zundel: if we see that the decision hasn't been made at some point in the future, then we can close it.

Ivan Herman: manu and I can talk to Ralph about it.

Brent Zundel: Mike Jones will want to be apart of it as well.

[iherman]

The issue was discussed in a meeting on 2024-10-16

• no resolutions were taken

View the transcript

4.5. Correct inappropriate uses of w3id.org domain (issue controller-document#66)

See github issue controller-document#66.

Manu Sporny: would be great if W3C took over the domain name, but this is not likely.
… issue is still open to see if W3C has an opinion on this.

Michael Jones: I asked Ralf about this at TPAC.
… but I am OK on closing this if W3C will take an action on this.

Ivan Herman: we have an earlier green light from W3C management for the VCWG.

[msporny]

Closing given the last discussion in the VCWG. W3C knows the ball is in their court if they are to take any action.