Propose Web-CID Profile for Agent Identification#96
Open
Conversation
Loading
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
14 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR introduces an editor's draft for Web Agent Identification: A Web-based Controlled Identifier Profile (Web-CID).
The specification defines an HTTP-based mechanism to dereference an agent's CID for identification and subsequent authentication on the Web. It is designed to be highly interoperable by building directly on [CID-1.0], standard HTTP semantics [RFC9110], and the architecture of the Web itself [WEBARCH].
The specification's structure and conformance model is inspired by the Solid Protocol to
clearly define what constitutes conformance, to specify for testability, and to aim for interoperability.
Scope
The LWS protocol currently does not limit the mechanisms by which an agent (i.e., an authentication subject) may be identified. LWS Authentication Suites such as those based on OIDC or SAML might rely on CIDs to identify an agent. Other LWS Authentication Suites such as those based on did:key do not directly rely on CIDs.
This PR's proposal is deliberately broad in scope, as the proposed functionality is not limited to LWS Authentication Suites.
This proposal is useful for LWS in that it specifies a particular Web-based conformance model for CIDs that might be used in LWS Authentication Suites. This proposal might also be useful for non-LWS contexts, such as Web-based Verifiable Credentials. This is in-line with the modular design and layered architecture that both the LWS protocol and specifications around Verifiable Credentials adopt.
As the CID specification does not define how a CID is to be dereferenced, this proposal specifies one such potential mechanism for Clients and Servers to implement.
Intent
Following up on the discussion in #57, this draft is submitted for adoption by the WG for FPWD in the scope of LWS based on the action item assigned to me in the #lws meeting on 16 February 2026.
I am open to discussing the proposal at any depth and welcome feedback of any kind.
I further expect to iterate on specific sections, particularly Security and Privacy, to address standard horizontal review requirements (TAG/PING).
Preview