RE: Announcement: Authority-Scoped Decentralized Identifiers (DID7) specification

Tim, again, RFC 8141 helped in an unexpected way in terms of understanding URN (and hence DID) equivalency (https://datatracker.ietf.org/doc/html/rfc8141#section-3.2).  For example, ? and # components are not supposed to be considered when determining if two URNs are equivalent:

   First, because the scheme and NID are case insensitive, the following
   three URNs are URN-equivalent to each other:


·        urn:example:a123,z456

·        URN:example:a123,z456

·        urn:EXAMPLE:a123,z456

   Second, because the r-component, q-component, and f-component are not
   taken into account for purposes of testing URN-equivalence, the
   following three URNs are URN-equivalent to the first three examples
   above:


·        urn:example:a123,z456?+abc

·        urn:example:a123,z456?=xyz

·        urn:example:a123,z456#789

Thank you,
Michael
Web 7.0

From: Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net>
Sent: Tuesday, March 17, 2026 11:37 AM
To: Tim Bouma <trbouma@gmail.com>
Cc: Melvin Carvalho <melvincarvalho@gmail.com>; Drummond Reed <drummond.reed@gmail.com>; Manu Sporny (msporny@digitalbazaar.com) <msporny@digitalbazaar.com>; Markus Sabadello <markus@danubetech.com>; Daniel Hardman - Personal () <daniel.hardman@gmail.com>; public-credentials (public-credentials@w3.org) <public-credentials@w3.org>
Subject: RE: Announcement: Authority-Scoped Decentralized Identifiers (DID7) specification

Thank you Tim, I’ll check into RFC 8141 but on the surface, we’re looking for *simple* as well as something that is a simple superset of DID-CORE.

RFI: DID7 has also be posted as an IETF Draft: https://datatracker.ietf.org/doc/draft-herman-did7-identifier/


Michael Herman
Web 7.0

From: Tim Bouma <trbouma@gmail.com<mailto:trbouma@gmail.com>>
Sent: Tuesday, March 17, 2026 11:33 AM
To: Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net<mailto:mwherman@parallelspace.net>>
Cc: Melvin Carvalho <melvincarvalho@gmail.com<mailto:melvincarvalho@gmail.com>>; Drummond Reed <drummond.reed@gmail.com<mailto:drummond.reed@gmail.com>>; Manu Sporny (msporny@digitalbazaar.com<mailto:msporny@digitalbazaar.com>) <msporny@digitalbazaar.com<mailto:msporny@digitalbazaar.com>>; Markus Sabadello <markus@danubetech.com<mailto:markus@danubetech.com>>; Daniel Hardman - Personal () <daniel.hardman@gmail.com<mailto:daniel.hardman@gmail.com>>; public-credentials (public-credentials@w3.org<mailto:public-credentials@w3.org>) <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: Re: Announcement: Authority-Scoped Decentralized Identifiers (DID7) specification

I believe this all fits into the RFC 8141 URN specification.

As for W3C DIDs, how they fit:

'urn' is implied,
'namespace' is the did:<method>,
'local authority' is not used (but could be),
'domain authority' is the unique identifier value within the namespace, and the
'f-component' is anything that can be additionally specified.

see slide below

Tim


[cid:image001.png@01DCB614.AC9E9F30]

On Tue, Mar 17, 2026 at 10:36 AM Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net<mailto:mwherman@parallelspace.net>> wrote:
This is the first (really the second) specification to be released by the Web 7.0 Foundation:
SDO: Authority-Scoped Decentralized Identifiers (DID7)
https://hyperonomy.com/2026/03/17/sdo-authority-scoped-decentralized-identifiers-did7/


This document defines the did7 URI scheme, an authority-scoped DID format. DID7 adds:

  *   An optional authority component
  *   Two-stage resolution (authority → method)
  *   Forward-compatible namespace expansion
The specification is fully compatible with the W3C DID Core data model [DID-CORE].

Best regards,
Michael Herman
Chief Digital Officer
Web 7.0 Foundation

From: Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net<mailto:mwherman@parallelspace.net>>
Sent: Tuesday, March 17, 2026 12:35 AM
To: Melvin Carvalho <melvincarvalho@gmail.com<mailto:melvincarvalho@gmail.com>>
Cc: Drummond Reed <drummond.reed@gmail.com<mailto:drummond.reed@gmail.com>>; Manu Sporny (msporny@digitalbazaar.com<mailto:msporny@digitalbazaar.com>) <msporny@digitalbazaar.com<mailto:msporny@digitalbazaar.com>>; Markus Sabadello <markus@danubetech.com<mailto:markus@danubetech.com>>; Daniel Hardman - Personal () <daniel.hardman@gmail.com<mailto:daniel.hardman@gmail.com>>; public-credentials (public-credentials@w3.org<mailto:public-credentials@w3.org>) <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: Re: How/why "methods" became part of the original Decentralized Identifier conversations?

Melvin, https://www.rfc-editor.org/rfc/rfc6920.html is very interesting. It suggests a backward compatible syntax for adding an Authority component to a DID 1.1 legacy identifier...

did://authority/method:unique-item-id

Legacy DIDs (did:method:unique-item-id) can assume a mapping to a default authority value of: www.w3.org<http://www.w3.org>

did://www.w3.org/method:unique-item-id<http://www.w3.org/method:unique-item-id>
e.g. did://www.w3.org/key:hash<http://www.w3.org/key:hash>

Support for Authority is needed, for example, to create proper DID identities for things like context schema documents.

This wasn't the purpose for my original question, but I like the outcome. Thank you. 🙂

Michael Herman
Chief Digital Officer
Web 7.0


Get Outlook for Android<https://aka.ms/AAb9ysg>
________________________________
From: Melvin Carvalho <melvincarvalho@gmail.com<mailto:melvincarvalho@gmail.com>>
Sent: Monday, March 16, 2026 11:49:06 PM
To: Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net<mailto:mwherman@parallelspace.net>>
Cc: Drummond Reed <drummond.reed@gmail.com<mailto:drummond.reed@gmail.com>>; Manu Sporny (msporny@digitalbazaar.com<mailto:msporny@digitalbazaar.com>) <msporny@digitalbazaar.com<mailto:msporny@digitalbazaar.com>>; Markus Sabadello <markus@danubetech.com<mailto:markus@danubetech.com>>; Daniel Hardman - Personal () <daniel.hardman@gmail.com<mailto:daniel.hardman@gmail.com>>; public-credentials (public-credentials@w3.org<mailto:public-credentials@w3.org>) <public-credentials@w3.org<mailto:public-credentials@w3.org>>
Subject: Re: How/why "methods" became part of the original Decentralized Identifier conversations?



út 17. 3. 2026 v 3:03 odesílatel Michael Herman (Trusted Digital Web) <mwherman@parallelspace.net<mailto:mwherman@parallelspace.net>> napsal:

To: The Original DID People,

Who remembers how/why "methods" became part of the original Decentralized Identifier conversations?  What was the original catalyst/reason d’etre for having “methods”?

Why aren’t we all just using something simple and universal like: urn:<hash>?  …that is, one universal syntax plus multiple diverse back-end technology implementations?

Originally there was work using schemes like ni:// (RFC 6920) and related hash-based identifiers, which provide standardized content-addressable identifiers. I also built a proof of concept using ni:// for the web, which fed into later CG discussions.

DIDs emerged when the problem expanded beyond identifying content to identifying subjects with control: keys, rotation, and service endpoints. That shift introduced the need for method-specific resolution. At the same time, “decentralized” became a popular framing, including from a marketing perspective, which influenced the terminology and direction of the work.

From there, multiple use cases and stakeholders led to a proliferation of methods.
In the case of did:nostr, the aim is closer to the original hash-based simplicity, using the public key as a stable identifier, with did:nostr:<hash> as a compromise to interoperate with the DID ecosystem.




Michael

Web 7.0

Attachments

Received on Tuesday, 17 March 2026 19:48:13 UTC