W3C home > Mailing lists > Public > public-credentials@w3.org > April 2018

Re: When to use pair-wise unique DIDs vs. just individual unique DIDs

From: =Drummond Reed <drummond.reed@evernym.com>
Date: Mon, 16 Apr 2018 01:14:50 -0700
Message-ID: <CAAjunnYGWQrDOmo1bXmDP1KCkXYw6nVf8hJkrTW3TwK_TjvGHQ@mail.gmail.com>
To: Chris Boscolo <chris@boscolo.net>
Cc: Carlos Bruguera <carlos@selfkey.org>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
[sorry—caught a typo that could be very confusing—see correction in red
below]

On Sun, Apr 15, 2018 at 7:50 PM, =Drummond Reed <drummond.reed@evernym.com>
wrote:

> On Sun, Apr 15, 2018 at 9:42 AM, Chris Boscolo <chris@boscolo.net> wrote:
>
>> Drummond,
>> I must admit, this answer caught me by surprise...
>>
>> How is what you are describing any different than our current federated
>> ID nightmare?
>>
>
> Chris, I must have mis-communicated something. Keep reading.
>
>
>>
>> In the age of the Internet and hackers being mostly smarter than those
>> building infrastructure, the term "private" is meaningless.
>> "Private" just means hidden from the public until at some point in the
>> future it is no longer hidden.
>>
>
> Yes, of course, the "privacy" of a microledger is not just that it's *not*
> a public ledger. The DIDs and DID documents on a microledger should still
> be as privacy-protecting as they would be on a public ledger, i.e., they
> shouldn't leak any information about the identity owner or relationship.
> They just are not publicly searchable or viewable.
>
>
>
>>
>> Furthermore, I thought the whole point of the DID approach is that the
>> DID owner can update the DDO if, for example, they want to update the
>> keys.  How would this work if as you say "and that each can maintain a copy
>> of the other's DID document".
>>
>
> That may have been the phrase that tripped you up. The "copy" of the
> shared DID document on the microledger is just like the "copy" maintained
> by all the nodes on a distributed public ledger. In other words, only
> the identity owner has the ability (or can delegate the ability) to make
> any chances to the DID document.
>
> To be clear, if Alice maintains a microledger with Bob, then Bob's node on
> the microledger has a copy of the pairwise pseudonymous DID and DID
> document that Alice has created for Bob, and Alice's node has a copy of the
> pairwise pseudonymous DID and DID document that Bob has created for Alice.
> Since both DID documents contain the service endpoints for their respective
> agents, the two agents are the only "nodes" that need to keep
> the microledger in sync (i.e., "consensus" is pretty easy). But it's still
> an actual ledger, i.e., all transactions are signed, hashed together into a
> chain, and replicated to all nodes.
>
>
>
>> Looks like I either need to re-evaluate my support for this approach or
>> hopefully some can help clarify this a bit more.
>>
>
> Hopefully I've done that; let me know if it's still not clear.
>
> =D
>
>>
>>   -chrisb
>>
>>
>> On Sun, Apr 15, 2018 at 3:50 AM, Carlos Bruguera <carlos@selfkey.org>
>> wrote:
>>
>>> Hey Drummond,
>>>
>>> The approach of "private" pairwise DID seems totally reasonable as it
>>> fits the very purpose of pairwise identifiers which is (in my
>>> understanding) to establish a *private* channel for authentication and
>>> authenticated comunication between entities. Also, leaving the ledger for
>>> the data that is making purposedly public works not only as an anti-spam
>>> measure on the ledger but also solves multiple privacy and anonymity issues.
>>>
>>> I'm guessing this approach can also be used in cases where correlativity
>>> is desired or at least tolerated (by using the same DID or "facet" for
>>> authenticating to multiple (possibly related) services, even if generated
>>> locally and exchanged privately)?... On a different line, is there any
>>> level of "anchoring" for these "private DIDs" against the public ledger? Or
>>> it's not necessary at all?
>>>
>>>
>>> On Sun, Apr 15, 2018 at 9:38 AM, =Drummond Reed <
>>> drummond.reed@evernym.com> wrote:
>>>
>>>> On Sat, Apr 14, 2018 at 9:46 AM, Chris Boscolo <chris@boscolo.net>
>>>> wrote:
>>>>
>>>>> First, Adam, thanks for posting the "WebAuthn & DID" presentation that
>>>>> surfaced the discussion of using pair-wise unique DIDs.  And thank
>>>>> you, Drummond, for linking to the discussion taking place at Sovrin on the
>>>>> subject. (https://forum.sovrin.org/t/the-benefit-of-pairwise-dids/628
>>>>> /3)
>>>>>
>>>>> I decided to pull this one question out into its own thread to get
>>>>> clarification and to help inform how the WebAuthn protocol might be
>>>>> modified to support DIDs.
>>>>>
>>>>> I think the community would benefit if we had a clear understanding of
>>>>> when pair-wise unique DIDs should be used vs. when a per-user unique DIDs
>>>>> will suffice.
>>>>>
>>>>> In the example, where a user is creating a new account on a popular
>>>>> website it is clear to me that the user will want to use a unique DID for
>>>>> only that site.  But, I question whether it is a good idea for the website
>>>>> to create a unique DID to communicate with that one user.  In fact, I
>>>>> wonder if doing so will open the door to other unintended ways of
>>>>> correlating users with the site. (When these DIDs are in public ledgers.)
>>>>>
>>>>
>>>> Chris, I just wanted to point out why your final parenthetical is
>>>> important to this discussion. In Sovrin architecture, pairwise
>>>> pseudonymous DIDs *are not written to the public ledger*.
>>>>
>>>> It's true that a year ago, even as we started to use pairwise
>>>> pseudonymous DIDs, we assumed they were all being written to the Sovrin
>>>> public ledger because: a) they did not provide any correlate-able data, and
>>>> b) we didn't have an alternative.
>>>>
>>>> We subsequently realized that, since the whole point of pairwise
>>>> pseudonymous DIDs is that they are only needed by the two parties
>>>> involved—and that each can maintain a copy of the other's DID
>>>> document—there was no reason to write them to a public ledger. Rather the
>>>> two parties could maintain them on their own private microledger.
>>>>
>>>> This has several significant advantages:
>>>>
>>>>    1. It is even better from a privacy perspective since neither the
>>>>    pairwise pseudonymous DIDs nor their DID documents needed to be public.
>>>>    2. It is wonderful from a scalability perspective since
>>>>    the microledgers add almost no load to the public ledger.
>>>>    3. It means the Sovrin public ledger can be optimized for public
>>>>    DIDs and other SSI infrastructure data that needs to be fully public and
>>>>    widely shared.
>>>>
>>>> Should these considerations be added to the DID spec?
>>>>>
>>>>
>>>> That's a very good question. I don't think the DID spec (or any other
>>>> spec) should be weighed down with lots of implementation guidelines and
>>>> advice, but we should probably mention the basic option that DIDs can be
>>>> registered on public ledgers, private ledgers, or microledgers.
>>>>
>>>> What do you think?
>>>>
>>>>
>>>
>>
>
Received on Monday, 16 April 2018 08:15:23 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:18:26 UTC