Allow verification method identifiers in DID Documents to be HTTPS URLs?

[msporny]

Currently, DID Documents do not allow anything other than DIDs in the verification method id field or not. This means that you can't link to a verification method that exists on other non-DID networks. This issue is to track whether we should allow linking to verification methods on non-DID networks.

[franca6]

Can you explain this to me?

[w3cbot]

This was discussed during the #did meeting on 24 April 2025.

View the transcript

Allow verification method identifiers to be HTTPS URLs?

<ottomorac> w3c/did#879

ottomorac: Current DID documents do not allow other the DID URLs to be IDs for verification methods
… This issue tracks if we should change this

manu: This came up because the controlled identifier spec talks about https URLs
… it uses them for its IDs
… Since then we have moved the CID spec through the standard process. It will become a formal standard
… Some feedback was, why do we have the CID spec again..
… It is true the DID spec can do all the CID spec can
… did:web can do all that the CID spec can
… So applying that to this issue, I think the answer is no because if someone wants to refer to a https based verification method they can just use did:web or its variations

<Zakim> JoeAndrieu, you wanted to say we should let the CID spec define that

JoeAndrieu: +1 to manu, we should not water now our security guarantees. CID spec was a compromise

manu: To be clear, this means no spec changes. The text stays as is

---