Decentralized Identifiers (DIDs)

Presentation held at the Fintech event of the W3C Chinese Web IG, on 2020-12-19

Ivan Herman, ivan@w3.org

Introduction

What are the problems?

A typical experience

Consider these two scholarly references:

  • Tomislav Strinić, Damir Buković, Ljubomir Pavelić, Josip Fajdić, Ivan Herman, Ivica Stipić, Ivan Palada & Ivana Hirš, “Anthropological and clinical characteristics in adolescent women with dysmenorrhea”. Collegium antropologicum, 27(2), (2003).
  • Ivan Herman, Markus Gylling, “Bridging the Web and Digital Publishing”, The Journal of Electronic Publishing, (2015).
  • Only one of the two publications is mine…
  • The name is not enough; you need a unique personal identification to avoid problems with, in this case, homonyms
  • This has become even more important in a networked, digital world

No identifiers display all those requirements!

A DID is a self-sovereign identity, i.e., a lifetime, portable, and verifiable digital identity that does not depend on any centralized authority

High level view on DIDs

High level view: DIDs and DID Documents

A unique string (DID) goes through a DID Resolution to a global, decentralized, key-value database; from this database comes a DID document containing cryptographic material (e.g., keys), metadata, and a signature; an arrow goes back from this document to the DID as a cryptographic verification.

Some use cases

Find information on purchased goods

Shopping cart with various goods (clothes, books, shoes, camera); the camera has a DID and there is a four-step process connecting that DID with a mobile: (1) get hold of the DID, (2) resolve the DID document, (3) verify the DID, (4) follow a service reference to get information

  • It is very important that:
    • the identification is unique and persistent
    • the information has not been tampered with

Pool of relationships

Four humans connected to a Distributed Ledger of DID documents for all participants. Two figures are annotated as 'A' and 'B'; arrows connect these two with four steps: (1) 'A' sends his DID to 'B', (2) 'B' retrieves the DID document (connected to the ledger) for 'A', (3) 'B' encrypts her data using the keys of 'A', (4) 'B' sends the encrypted data to 'A'

  • No need for centralized key management
    • there may be different ledgers for the various participants
  • Both “A” and “B” may remain anonymous

What do DIDs look like?

Reminder: URIs, URNs, URLs, …

Ellipse labeled as 'URI' with three contained ellipses: (a) labeled as 'URL, locate through schemes', with examples https://..., ftp://..., data://...; (b) labeled as 'URN, name through namespaces', with examples urn:isbn:..., urn:uuid:..., and urn:iso:...; (c) labeled as 'INFO, information assets through namespaces', with examples info:dewey:... and info:oclnum:...

DID is a new type of URI

The center of the figure is the string 'did:xyz:abcde1234567'. The string is surrounded by three annotations: (a) (pointing at 'did') 'Fixed string: this is a DID', (b) (pointing at 'xyz') 'Method name, e.g., 'sov', 'btcr', 'key'', and (c) (pointing at 'abcde1234567') 'Method specific identifier'.

DID is a new type of URI

Ellipse labeled as 'URI' with four contained ellipses: (a) labeled as 'URL, locate through schemes', with examples https://..., ftp://..., data://...; (b) labeled as 'URN, name through namespaces', with examples urn:isbn:..., urn:uuid:..., and urn:iso:...; (c) labeled as 'INFO, information assets through namespaces', with examples info:dewey:... and info:oclnum:...; (d) labeled as 'DID, identify through methods', with examples did:sov:..., did:btcr:... and did:key:.... The ellipse labeled as DID is in the centre of the containing one.
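
The three-part structure shown above (fixed "did" prefix, method name, method-specific identifier) can be checked before any resolution is attempted. The following is an added example, not part of the original slides: it applies the DID syntax grammar from the DID Core specification, and the names parse_did, is_valid_did and SAMPLES are assumptions made for illustration.

```python
import re
from typing import NamedTuple

# Grammar from the DID Core specification (https://www.w3.org/TR/did-core/):
#   did                = "did:" method-name ":" method-specific-id
#   method-name        = 1*(%x61-7A / DIGIT)      (lowercase letters, digits)
#   method-specific-id = *( *idchar ":" ) 1*idchar
#   idchar             = ALPHA / DIGIT / "." / "-" / "_" / pct-encoded
_IDCHAR = r"(?:[A-Za-z0-9._-]|%[0-9A-Fa-f]{2})"
_DID_RE = re.compile(
    rf"did:(?P<method>[a-z0-9]+):(?P<msid>(?:{_IDCHAR}*:)*{_IDCHAR}+)"
)


class ParsedDID(NamedTuple):
    did: str        # the bare DID, without path, query or fragment
    method: str     # method name, e.g. "key" or "sov"
    method_id: str  # method-specific identifier
    fragment: str   # fragment of a DID URL ("" if absent)


def parse_did(value: str) -> ParsedDID:
    """Split a DID or DID URL into its parts; raise ValueError if malformed."""
    # Strip the DID URL components first: fragment, then query, then path.
    rest, _, fragment = value.partition("#")
    rest = rest.partition("?")[0]
    did = rest.partition("/")[0]
    match = _DID_RE.fullmatch(did)
    if match is None:
        raise ValueError(f"not a syntactically valid DID: {value!r}")
    return ParsedDID(did, match["method"], match["msid"], fragment)


def is_valid_did(value: str) -> bool:
    try:
        parse_did(value)
        return True
    except ValueError:
        return False


# Constructed inputs: the slide's placeholder DID plus malformed variants.
SAMPLES = ["did:xyz:abcde1234567", "did:XYZ:abcde1234567", "did:xyz:",
           "did:xyz:abc:", "did:xyz:a%zz", "did:xyz:abc#key-1"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample:24} valid={is_valid_did(sample)}")
```

A syntactically valid DID only says the string is well formed; whether the method exists and the identifier resolves to a DID document is decided by the method's resolution step.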

What do DID Documents look like?

Some closing remarks

Documents to read

Use cases and requirements
https://www.w3.org/TR/did-use-cases/
Core specification
https://www.w3.org/TR/did-core/
DID Specification Registries
https://www.w3.org/TR/did-spec-registries/
These slides
https://iherman.github.io/did-talks/talks/2020-Fintech/

Some more documents to come

DID Method Rubric
Documenting what criteria to look for when choosing a specific method
Implementation guide

Thank you for your attention!
ivan@w3.org

These slides: https://iherman.github.io/did-talks/talks/2020-Fintech/#/
