As mentioned in a previous post, Self Sovereign Identity (“SSI”) underscores the notion that people should be in control of their personal data, because your personal data is what comprises your identity. An identifier refers to a real world identity about a specific use case or real world domain that has legal and practical applications. We need to be able to identify persons, concepts and things so that we can rely on and know that who or what we are dealing with is who they present themselves to be. As such, identifiers are critical to our existence.
For instance, we need to prove our identity to:
Get a job;
Go to school;
Open a bank account;
Drive a car;
Rent an apartment;
Buy property;
Travel internationally, etc.
Having identifiers is important. Very important.
Creating effective identifiers can be challenging. Some identifiers are difficult to create. Issues may also arise if an identifier isn’t persistent (can be lost). If you can lose your identifier, that means that you cease to exist. Additionally, a good identifier effectively and accurately proves or disproves someone’s identity. Further, if identifiers are managed by a centralized entity (i.e. Google or Apple) and the database disappears or the user is removed, then the identity is lost.
A Decentralized Identifier (“DID”) is a self sovereign, globally unique identifier that does not require a centralized authority because it is registered with a distributed ledger technology (we’ll just say blockchain for simplicity’s sake). With DIDs you do not have to manage numerous forms of identification, and you can engage in transactions with any number of parties while maintaining control of your own data. You can manage your own identity without having to rely on third party authenticators, as they are embedded in Verifiable Credentials.
DIDs create a shared foundation of trust, with the blockchain serving as a trust anchor. The blockchain’s unique properties allow it to reliably and effectively maintain the DIDs and the status of the Verifiable Credentials. Via the blockchain a DID is able to maintain the following properties: permanency (never changes); resolvability (can look up and cross check the public key); cryptographic verifiability (can prove ownership); and decentralization (no centralized registration is required).
What fundamentally enables DIDs is blockchain technology.
DID Syntax
A DID is a Uniform Resource Identifier (“URI”). We are actually very familiar with URIs: we are all familiar with URLs, and a URL (abbreviation of Uniform Resource Locator) is a subset of a URI. A URL is an identifier that effectively “points” to a specific location on a network such as the Internet. A URI, in turn, is a unique set of characters that identifies physical or abstract resources such as websites or people.
A URI is comprised of three parts: (1) a scheme, (2) a method and (3) a method-specific-id.
Accordingly for a DID, the URI would appear as such:
did:method:method-specific-id
DID Methods
The DID method defines how the DID is created, resolved, updated and deactivated. You might recognize the entities associated with some active DID Methods:
Sovrin —> did:sov
Bitcoin Reference —> did:btcr
Ethereum uPort —> did:uport
Blockstack —> did:stack
Veres One —> did:v1
IPFS —> did:ipid
Following, the method-specific-id is the unique reference that directs you to the DID Document.
DID Document
A set of data that describes the DID subject. When you look up the DID identifier / URI, the DID Document is what is returned.
DID Document Standard Elements
The DID Identifier (URI)
Public Keys (for verification)
Authentication Methods (i.e. instructions on how to authenticate)
Service Endpoints (services or applications utilizing the DID)
Timestamp (for audit history)
Signature (for integrity)
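As an added example (not code from the original post or from any DID project), the Python below parses the did:method:method-specific-id form from the DID Syntax section and checks a looked-up DID Document against the standard elements listed above. The character rules follow the W3C DID Core grammar, and the JSON key names, the list-of-key-ids shape of the authentication entry and the sample document are assumptions made for illustration.

```python
import re

# DID syntax from the W3C DID Core ABNF (assumption: the page shows only
# the did:method:method-specific-id shape, not the allowed characters).
_IDCHAR = r"(?:[A-Za-z0-9._-]|%[0-9A-Fa-f]{2})"
_DID_RE = re.compile(rf"did:([a-z0-9]+):((?:{_IDCHAR}*:)*{_IDCHAR}+)")

# Hypothetical JSON key names for the standard elements the page lists.
REQUIRED = {
    "id": "DID identifier",
    "publicKey": "public keys",
    "authentication": "authentication methods",
    "service": "service endpoints",
    "created": "timestamp",
    "proof": "signature",
}

SAMPLE_DOC = {  # constructed sample, not output from a real resolver
    "id": "did:example:123456789abcdefghi",
    "publicKey": [{"id": "did:example:123456789abcdefghi#keys-1"}],
    "authentication": ["did:example:123456789abcdefghi#keys-1"],
    "service": [],
    "created": "2020-01-01T00:00:00Z",
    "proof": {"type": "constructed"},
}

def parse_did(did):
    """Split a DID into (method, method_specific_id); ValueError if malformed."""
    m = _DID_RE.fullmatch(did)
    if m is None:
        raise ValueError(f"not a valid DID: {did!r}")
    return m.group(1), m.group(2)

def check_did_document(requested_did, document):
    """Return a list of problems found in a looked-up DID Document."""
    parse_did(requested_did)  # reject malformed input before trusting anything
    problems = [f"missing {label}" for key, label in REQUIRED.items()
                if key not in document]
    # The document must describe the DID that was looked up, not another one.
    if document.get("id") not in (None, requested_did):
        problems.append("document id does not match requested DID")
    # Each authentication entry must point at a key the document publishes.
    known = {key.get("id") for key in document.get("publicKey", [])}
    for ref in document.get("authentication", []):
        if ref not in known:
            problems.append(f"authentication references unknown key {ref}")
    return problems
```

A Verifier would run checks like these before using any public key from the document to verify a signature.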
DID Controller
Is defined in the DID Method. The Controller is authorized to make changes to the DID document.
DID Subject
The person or entity being identified.
The purpose of this post was to provide a fundamental understanding of DIDs. With a DID identifier, individuals are able to prove who they are and maintain control of their identity. You can prove that your social security is part of your DID that is secured on a blockchain because you have a private key. As such, you can prove that you actually control it. Moreover, neither Apple nor Google can or will have the ability to tamper with, lose or subject any of your personal information to bad actors. Entities or services that need to verify an identity (Verifiers) can easily refer to the DID Subject / Holder’s wallet on the blockchain to crosscheck any needed credential / identifying information.

