W3C home > Mailing lists > Public > public-credentials@w3.org > April 2018

Re: When to use pair-wise unique DIDs vs. just individual unique DIDs

From: =Drummond Reed <drummond.reed@evernym.com>
Date: Sun, 15 Apr 2018 19:41:52 -0700
Message-ID: <CAAjunnZE+ZVnd6E_tGWzERG72EDK+FYpmrM7Ggh_uw6RFimDDw@mail.gmail.com>
To: Carlos Bruguera <carlos@selfkey.org>
Cc: Chris Boscolo <chris@boscolo.net>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
On Sun, Apr 15, 2018 at 3:50 AM, Carlos Bruguera <carlos@selfkey.org> wrote:

> Hey Drummond,
> The approach of "private" pairwise DID seems totally reasonable as it fits
> the very purpose of pairwise identifiers which is (in my understanding) to
> establish a *private* channel for authentication and authenticated
> comunication between entities. Also, leaving the ledger for the data that
> is making purposedly public works not only as an anti-spam measure on the
> ledger but also solves multiple privacy and anonymity issues.


> I'm guessing this approach can also be used in cases where correlativity
> is desired or at least tolerated (by using the same DID or "facet" for
> authenticating to multiple (possibly related) services, even if generated
> locally and exchanged privately)?...

Yes. From my POV, DIDs can support any degree of pseudonymity or veronymity
as desired by the publisher of the DID. Pairwise pseudonymous DIDs on a
microledger are one end of the spectrum; fully public DIDs on a public
ledger are another, and you can also establish any degree in between. Note
that it's also possible to have pseudonymous DIDs—even pairwise—on a public
ledger; my previous post just explained why it wasn't necessary to do that.

> On a different line, is there any level of "anchoring" for these "private
> DIDs" against the public ledger? Or it's not necessary at all?

Yes, there are cases where you might want to do this. The one we've
discussed most in the Sovrin community is the need for the parties to
a pairwise pseudonymous DID to use a public ledger to establish a "dead-drop
<https://en.wikipedia.org/wiki/Dead_drop>" in case both parties happened to
move agents/agencies at the same time and lost their connection. However
that's an edge case, and as long as both parties agree beforehand how the
dead-drop will be established, there is no need to do actually create it
unless/until they become disconnected.


> On Sun, Apr 15, 2018 at 9:38 AM, =Drummond Reed <drummond.reed@evernym.com
> > wrote:
>> On Sat, Apr 14, 2018 at 9:46 AM, Chris Boscolo <chris@boscolo.net> wrote:
>>> First, Adam, thanks for posting the "WebAuthn & DID" presentation that
>>> surfaced the discussion of using pair-wise unique DIDs.  And thank
>>> you, Drummond, for linking to the discussion taking place at Sovrin on the
>>> subject. (https://forum.sovrin.org/t/the-benefit-of-pairwise-dids/628/3)
>>> I decided to pull this one question out into its own thread to get
>>> clarification and to help inform how the WebAuthn protocol might be
>>> modified to support DIDs.
>>> I think the community would benefit if we had a clear understanding of
>>> when pair-wise unique DIDs should be used vs. when a per-user unique DIDs
>>> will suffice.
>>> In the example, where a user is creating a new account on a popular
>>> website it is clear to me that the user will want to use a unique DID for
>>> only that site.  But, I question whether it is a good idea for the website
>>> to create a unique DID to communicate with that one user.  In fact, I
>>> wonder if doing so will open the door to other unintended ways of
>>> correlating users with the site. (When these DIDs are in public ledgers.)
>> Chris, I just wanted to point out why your final parenthetical is
>> important to this discussion. In Sovrin architecture, pairwise
>> pseudonymous DIDs *are not written to the public ledger*.
>> It's true that a year ago, even as we started to use pairwise
>> pseudonymous DIDs, we assumed they were all being written to the Sovrin
>> public ledger because: a) they did not provide any correlate-able data, and
>> b) we didn't have an alternative.
>> We subsequently realized that, since the whole point of pairwise
>> pseudonymous DIDs is that they are only needed by the two parties
>> involved—and that each can maintain a copy of the other's DID
>> document—there was no reason to write them to a public ledger. Rather the
>> two parties could maintain them on their own private microledger.
>> This has several significant advantages:
>>    1. It is even better from a privacy perspective since neither the
>>    pairwise pseudonymous DIDs nor their DID documents needed to be public.
>>    2. It is wonderful from a scalability perspective since
>>    the microledgers add almost no load to the public ledger.
>>    3. It means the Sovrin public ledger can be optimized for public DIDs
>>    and other SSI infrastructure data that needs to be fully public and widely
>>    shared.
>> Should these considerations be added to the DID spec?
>> That's a very good question. I don't think the DID spec (or any other
>> spec) should be weighed down with lots of implementation guidelines and
>> advice, but we should probably mention the basic option that DIDs can be
>> registered on public ledgers, private ledgers, or microledgers.
>> What do you think?
Received on Monday, 16 April 2018 02:42:26 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:26 UTC