Decentralized Identifiers: W3C proclaims official web standard

Decentralized Identifiers: W3C proclaims official web standard

The W3C has now declared Decentralized Identifiers (DID) to be the official web standard. The actual decision was made at the end of June, and now it has been formally confirmed. According to the internet consortium, DID should be part of a new ecosystem for verifiable credentials. The proof of identity should not be in the hands of central organizations or authorities, users or entities should manage it themselves. DIDs can also refer to organizations, documents, or other data and objects.

In addition to secure management of identities, the W3C also promises protection of privacy: DID allows you to decide which information you want to show. The new standard should be compatible with existing standards and widespread libraries. In addition to future expandability, the aim is to create a simple tool with DID. Reduced to a number of simple functions, DID should be easy to understand, implement and use. The table below provides an overview of the advertised feature.

goal Description

decentralization

Eliminate the requirement for centralized authorities or single point failure in identifier management, including the registration of globally unique identifiers, public verification keys, services, and other information.

Control

Give entities, both human and non-human, the power to directly control their digital identifiers without the need to rely on external authorities.

Privacy

Enable entities to control the privacy of their information, including minimal, selective, and progressive disclosure of attributes or other data.

Security

Enable sufficient security for requesting parties to depend on DID documents for their required level of assurance.

Proof based

Enable DID controllers to provide cryptographic proof when interacting with other entities.

Discoverability

Make it possible for entities to discover DIDs for other entities, to learn more about or interact with those entities.

interoperability

Use interoperable standards so DID infrastructure can make use of existing tools and software libraries designed for interoperability.

Portability

Be system- and network-independent and enable entities to use their digital identifiers with any system that supports DIDs and DID methods.

Simplicity

Favor a reduced set of simple features to make the technology easier to understand, implement, and deploy.

extensibility

Where possible, enable extensibility provided it does not greatly hinder interoperability, portability, or simplicity.

Source: W3C DID Design Goals

In contrast to e-mail addresses or social network accounts, DIDs are not linked to a provider or other service provider, which usually makes it impossible to transfer the identity. The syntax and semantics of a DID follow that of URIs (Uniform Resource Identifiers). A schema followed by a method and a string as an identifier. Each DID is associated with a document in JSON format that specifies how to proceed when verifying identity.

Structure of DID and associated DID documents.

(Image: W3C)

Schematic representation of the DID architecture and how each component relates to one another.

(Image: W3C)

The process was already highly controversial in the run-up to the standardization: Google and the Mozilla Foundation, among others, criticize that not even the methods that are critical for the new standard have been precisely specified and standardized. Methods can be suggested in a registry of the DID working group on GitHub. There are already over 130 suggestions – Mozilla complained about the complexity of the whole thing with over 50 entries. Especially with the goal of interoperability, it can hardly be reconciled if the methods are not compatible with each other.

To announce the new standard, the W3C also collected 37 testimonials from W3C members, from business and politics. Obviously, many of the well-known tech giants are missing from the praising, only Intel stands out. There are no voices from Apple, Microsoft, Amazon or Meta. Political institutions such as the EU Commission, US Customs and Border Protection or Homeland Security stand out among the contributions marked as industry voices. On the part of W3C members and industry, there are many representatives who classify DID as positive in the blockchain context. Google criticized in advance that DID might not be compatible with the goal of sustainable standards of the W3C. Google is currently converting the Google Pay service into a wallet with identity management.

As a previous merger of universities and research institutions, the World Wide Web Consortium recently announced plans to transform it into a non-profit organization at the turn of the year. In an interview, CEO Jeff Jaffe discussed what this means for the consortium.

For more information on Decentralized Identifiers, see the W3C press release and the official description of the standard. The arguments with which the W3C answered the concerns of Google and Mozilla can also be found on the W3C website.

More from iX Magazine

More from iX Magazine

(psst)

To home page

Connector exchange: Doctors get 400 million euros from the health insurance companies Previous post Connector exchange: Doctors get 400 million euros from the health insurance companies
SPAN versus TAP: This is how you tap into your LAN traffic as needed Next post SPAN versus TAP: This is how you tap into your LAN traffic as needed