Ensure UUID type DIDs have DID url-to-document-contents integrity protection

[dmitrizagidulin]

Should we perhaps deprecate the uuid type DID generation? (Since unlike the cryptonym, it does not contain proof of integrity of the document in the url itself).

Ensure that UUID type DIDs have some sort of integrity protection (that ensures that the document that gets resolved at the URL is the same document you expected). Cryptonyms currently have this property (the DID is generated from a key in the DID Doc), but UUID types do not.

Perhaps we can use something like Resource Integrity Protection (or a simplified version of Decentralized Autonomic Data)?

[davidlehn]

It the uuid type is not deprecated then the docs should list out the limitations.

[dmitrizagidulin]

@davidlehn got it, agreed.

Had further conversation on this @dlongley. Sounds like we do need UUID type DIDs (for constrained devices that aren't carrying keys or something).

Changing focus of this issue from deprecating UUIDs to - Ensuring UUIDs have url-to-document binding / integrity protection (like cryptonym UUIDs do).