- From: Andrew Hughes <andrewhughes3000@gmail.com>
- Date: Sun, 9 Dec 2018 13:39:36 -0800
- To: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
- Message-ID: <CAGJp9UbsKuOb-wQV1qLTcEercgen7urEHWTVbcOAtGfaq9p2MA@mail.gmail.com>
Hi folks - thank you for the other email thread - I think we have surfaced some interesting things while exploring simple ways to talk about DIDs.

I have rewritten the original list in this Google doc: https://docs.google.com/document/d/1Ym85y_bDVN9xkRZ-oD-zlUUIeZjVGWNihfZBk2GQidk/edit?usp=sharing

Also, the highest-level statements are copied here (the doc has a more complete set of statements that pertain to the high-level list).

NB: the ramifications of each of these statements are not spelled out yet - for example, why is it significant that DIDs can be authenticated and the authentication methods updatable without necessarily changing the DID value?

A Decentralized Identifier (DID):

1. Is a globally-unique identifier in a universal-scope namespace
2. Is an identifier for a specific entity: the DID subject (i.e. A DID is a URI)
3. Is a persistent identifier (i.e. A DID is a URN)
4. May be self-created without reliance on a central issuer/authority
5. Therefore, cannot be deleted or revoked arbitrarily by a centralized authority or registry
6. When resolved using a DID Resolver, returns the associated DID Document if it exists
7. Is associated with zero or one DID Document:
   1. A standard resource describing the DID subject entity
   2. Which may contain an ‘authentication’ property used to allow an entity to cryptographically prove that they are the DID subject
   3. Whose content may be updated without necessarily updating the DID itself
8. Conforms to a specific DID method specification which must, for a specific target system, specify the DID operations: Create; Read/Verify; Update; Delete/Revoke.

A couple summary statements:

Any entity that follows the mechanism described in the relevant DID method specification can create a resolvable, persistent, unique Decentralized Identifier.

The DID method must describe cryptographic key management system functions such as key registration; key replacement; key rotation; key recovery; key expiration.
Andrew Hughes CISM CISSP
In Turn Information Management Consulting
o +1 650.209.7542
m +1 250.888.9474
1249 Palmer Road, Victoria, BC V8P 2H8
AndrewHughes3000@gmail.com
https://www.linkedin.com/in/andrew-hughes-682058a
Digital Identity | International Standards | Information Security
Received on Sunday, 9 December 2018 21:40:10 UTC
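
The lifecycle described in the list above (create, resolve, authenticate, update, deactivate), sketched as an added example that is not part of the original message or of any DID method specification. The `did:example` method, the in-memory `Registry`, the `payload` format and the toy Schnorr-style signature are all assumptions made for illustration.

```python
import hashlib, secrets
# Toy Schnorr-style signature, an assumed stand-in for a real scheme such as
# Ed25519; the 127-bit modulus is far too small for real use.
P, G = 2**127 - 1, 3

def _e(r, msg):
    return int.from_bytes(hashlib.sha256(str(r).encode() + msg).digest(), "big")

def keygen():
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)  # (private, public)

def sign(x, msg):
    k = secrets.randbelow(P - 2) + 1
    r = pow(G, k, P)
    return r, (k + _e(r, msg) * x) % (P - 1)

def verify(y, msg, sig):
    r, s = sig
    return pow(G, s, P) == r * pow(y, _e(r, msg), P) % P

def payload(op, did, version, arg):
    # The op tag and version stop a signed login nonce or an old update being replayed.
    return f"{op}|{did}|{version}|{arg}".encode()

class Registry:
    """In-memory stand-in for the target system of a hypothetical DID method."""
    def __init__(self):
        self.docs = {}
    def create(self, pub):  # Create: derived locally, no issuer involved
        did = "did:example:" + hashlib.sha256(str(pub).encode()).hexdigest()[:32]
        self.docs[did] = {"id": did, "version": 1, "authentication": [pub]}
        return did
    def resolve(self, did):  # Read: the DID Document, or None
        return self.docs.get(did)
    def _signed(self, op, did, arg, sig):
        doc = self.docs.get(did)
        return doc is not None and any(
            verify(k, payload(op, did, doc["version"], arg), sig)
            for k in doc["authentication"])
    def authenticate(self, did, nonce, sig):  # Verify: proof of control
        return self._signed("auth", did, nonce, sig)
    def rotate(self, did, new_pub, sig):  # Update: same DID, new key
        if not self._signed("rotate", did, new_pub, sig):
            raise PermissionError("not signed by a current authentication key")
        doc = self.docs[did]
        doc.update(version=doc["version"] + 1, authentication=[new_pub])
    def deactivate(self, did, sig):  # Delete/Revoke
        if not self._signed("deactivate", did, "", sig):
            raise PermissionError("not signed by a current authentication key")
        del self.docs[did]
```

Rotating the key changes only the `authentication` entry: the DID stays the same, and a signature from the replaced key no longer authenticates.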