W3C home > Mailing lists > Public > public-credentials@w3.org > April 2018

Re: When to use pair-wise unique DIDs vs. just individual unique DIDs

From: =Drummond Reed <drummond.reed@evernym.com>
Date: Sun, 15 Apr 2018 19:41:52 -0700
Message-ID: <CAAjunnZE+ZVnd6E_tGWzERG72EDK+FYpmrM7Ggh_uw6RFimDDw@mail.gmail.com>
To: Carlos Bruguera <carlos@selfkey.org>
Cc: Chris Boscolo <chris@boscolo.net>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
On Sun, Apr 15, 2018 at 3:50 AM, Carlos Bruguera <carlos@selfkey.org> wrote:

> Hey Drummond,
>
> The approach of "private" pairwise DID seems totally reasonable as it fits
> the very purpose of pairwise identifiers which is (in my understanding) to
> establish a *private* channel for authentication and authenticated
> comunication between entities. Also, leaving the ledger for the data that
> is making purposedly public works not only as an anti-spam measure on the
> ledger but also solves multiple privacy and anonymity issues.
>

Agreed.


>
> I'm guessing this approach can also be used in cases where correlativity
> is desired or at least tolerated (by using the same DID or "facet" for
> authenticating to multiple (possibly related) services, even if generated
> locally and exchanged privately)?...
>

Yes. From my POV, DIDs can support any degree of pseudonymity or veronymity
as desired by the publisher of the DID. Pairwise pseudonymous DIDs on a
microledger are one end of the spectrum; fully public DIDs on a public
ledger are another, and you can also establish any degree in between. Note
that it's also possible to have pseudonymous DIDs—even pairwise—on a public
ledger; my previous post just explained why it wasn't necessary to do that.


> On a different line, is there any level of "anchoring" for these "private
> DIDs" against the public ledger? Or it's not necessary at all?
>

Yes, there are cases where you might want to do this. The one we've
discussed most in the Sovrin community is the need for the parties to
a pairwise pseudonymous DID to use a public ledger to establish a "dead-drop
<https://en.wikipedia.org/wiki/Dead_drop>" in case both parties happened to
move agents/agencies at the same time and lost their connection. However
that's an edge case, and as long as both parties agree beforehand how the
dead-drop will be established, there is no need to do actually create it
unless/until they become disconnected.

=D


>
>
> On Sun, Apr 15, 2018 at 9:38 AM, =Drummond Reed <drummond.reed@evernym.com
> > wrote:
>
>> On Sat, Apr 14, 2018 at 9:46 AM, Chris Boscolo <chris@boscolo.net> wrote:
>>
>>> First, Adam, thanks for posting the "WebAuthn & DID" presentation that
>>> surfaced the discussion of using pair-wise unique DIDs.  And thank
>>> you, Drummond, for linking to the discussion taking place at Sovrin on the
>>> subject. (https://forum.sovrin.org/t/the-benefit-of-pairwise-dids/628/3)
>>>
>>>
>>> I decided to pull this one question out into its own thread to get
>>> clarification and to help inform how the WebAuthn protocol might be
>>> modified to support DIDs.
>>>
>>> I think the community would benefit if we had a clear understanding of
>>> when pair-wise unique DIDs should be used vs. when a per-user unique DIDs
>>> will suffice.
>>>
>>> In the example, where a user is creating a new account on a popular
>>> website it is clear to me that the user will want to use a unique DID for
>>> only that site.  But, I question whether it is a good idea for the website
>>> to create a unique DID to communicate with that one user.  In fact, I
>>> wonder if doing so will open the door to other unintended ways of
>>> correlating users with the site. (When these DIDs are in public ledgers.)
>>>
>>
>> Chris, I just wanted to point out why your final parenthetical is
>> important to this discussion. In Sovrin architecture, pairwise
>> pseudonymous DIDs *are not written to the public ledger*.
>>
>> It's true that a year ago, even as we started to use pairwise
>> pseudonymous DIDs, we assumed they were all being written to the Sovrin
>> public ledger because: a) they did not provide any correlate-able data, and
>> b) we didn't have an alternative.
>>
>> We subsequently realized that, since the whole point of pairwise
>> pseudonymous DIDs is that they are only needed by the two parties
>> involved—and that each can maintain a copy of the other's DID
>> document—there was no reason to write them to a public ledger. Rather the
>> two parties could maintain them on their own private microledger.
>>
>> This has several significant advantages:
>>
>>    1. It is even better from a privacy perspective since neither the
>>    pairwise pseudonymous DIDs nor their DID documents needed to be public.
>>    2. It is wonderful from a scalability perspective since
>>    the microledgers add almost no load to the public ledger.
>>    3. It means the Sovrin public ledger can be optimized for public DIDs
>>    and other SSI infrastructure data that needs to be fully public and widely
>>    shared.
>>
>> Should these considerations be added to the DID spec?
>>>
>>
>> That's a very good question. I don't think the DID spec (or any other
>> spec) should be weighed down with lots of implementation guidelines and
>> advice, but we should probably mention the basic option that DIDs can be
>> registered on public ledgers, private ledgers, or microledgers.
>>
>> What do you think?
>>
>>
>
Received on Monday, 16 April 2018 02:42:26 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:26 UTC