This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
dido:public:ra:xapend:xapend.b_stds:tech:w3c:dids [2021/07/27 13:29] murphy [Introduction (excerpt)] |
dido:public:ra:xapend:xapend.b_stds:tech:w3c:dids [2022/01/18 11:35] (current) nick |
||
---|---|---|---|
Line 4: | Line 4: | ||
<table> | <table> | ||
<caption>Data sheet for Decentralized Identifiers (DIDs) V1.0</caption> | <caption>Data sheet for Decentralized Identifiers (DIDs) V1.0</caption> | ||
- | | Title | Decentralized Identifiers (DIDs) v1.0; Core architecture, data model, and representations | | + | | Title | Decentralized Identifiers (DIDs) v1.0; Core architecture, [[dido:public:ra:xapend:xapend.a_glossary:d:dm|data model]], and representations | |
| Acronym | DID | | | Acronym | DID | | ||
| Version | 1.0 | | | Version | 1.0 | | ||
Line 17: | Line 17: | ||
| | ||
==== Abstract ==== | ==== Abstract ==== | ||
- | : //Decentralized identifiers (DIDs) are a new type of identifier that enables verifiable, decentralized digital identity. A DID identifies any subject (e.g., a person, organization, thing, [[dido:public:ra:xapend:xapend.a_glossary:d:dm]], abstract entity, etc.) that the controller of the DID decides that it identifies. These new identifiers are designed to enable the controller of a DID to prove control over it and to be implemented independently of any centralized registry, identity provider, or certificate authority. DIDs are URLs that associate a DID subject with a DID document allowing trustable interactions associated with that subject. Each DID document can express cryptographic material, verification methods, or service endpoints, which provide a set of mechanisms enabling a DID controller to prove control of the DID. Service endpoints enable trusted interactions associated with the DID subject. A DID document might contain semantics about the subject that it identifies. A DID document might contain the DID subject itself (e.g. a data model).// | + | : //Decentralized identifiers (DIDs) are a new type of [[dido:public:ra:xapend:xapend.a_glossary:i:id|identifier]] that enables verifiable, decentralized digital identity. A DID identifies any subject (e.g., a person, organization, thing, [[dido:public:ra:xapend:xapend.a_glossary:d:dm]], abstract [[dido:public:ra:xapend:xapend.a_glossary:e:entity|entity]], etc.) that the controller of the DID decides that it identifies. These new identifiers are designed to enable the controller of a DID to prove control over it and to be implemented independently of any centralized registry, identity provider, or [[dido:public:ra:xapend:xapend.a_glossary:c:ca]]. DIDs are URLs that associate a DID subject with a DID document, allowing trustable interactions associated with that subject. Each DID document can express cryptographic material, verification methods, or service endpoints, which provide a set of mechanisms enabling a DID controller to prove control of the DID. Service endpoints enable trusted interactions associated with the DID subject. A DID document might contain [[dido:public:ra:xapend:xapend.a_glossary:s:semantics|semantics]] about the subject that it identifies. A DID document might contain the DID subject itself (e.g. a data model).// |
: //This document specifies a common data model, a URL format, and a set of operations for DIDs, DID documents, and DID methods.// | : //This document specifies a common data model, a URL format, and a set of operations for DIDs, DID documents, and DID methods.// | ||
Line 24: | Line 24: | ||
: //Conventional identity management systems are based on centralized authorities such as corporate directory services, certificate authorities, or domain name registries. From the standpoint of cryptographic trust verification, each of these centralized authorities serves as its own root of trust. To make identity management work across these systems requires implementing federated identity management.// | : //Conventional identity management systems are based on centralized authorities such as corporate directory services, certificate authorities, or domain name registries. From the standpoint of cryptographic trust verification, each of these centralized authorities serves as its own root of trust. To make identity management work across these systems requires implementing federated identity management.// | ||
- | : //The emergence of distributed ledger technology (DLT) and blockchain technology provides the opportunity for fully decentralized identity management. In a decentralized identity system, entities (that is, discrete identifiable units such as, but not limited to, people, organizations, and things) are free to use any shared root of trust. Globally distributed ledgers, decentralized P2P networks, or other systems with similar capabilities, provide the means for managing a root of trust without introducing a centralized authority or a single point of failure. In combination, DLTs and decentralized identity management systems enable any entity to create and manage their own identifiers on any number of distributed, independent roots of trust.// | + | : //The emergence of distributed ledger technology (DLT) and blockchain technology provides the opportunity for fully decentralized identity management. In a decentralized identity system, entities (that is, discrete identifiable units such as, but not limited to, people, organizations, and things) are free to use any shared root of trust. Globally [[dido:public:ra:xapend:xapend.a_glossary:d:distributed_ledgers|distributed ledgers]], decentralized P2P networks, or other systems with similar capabilities, provide the means for managing a root of trust without introducing a centralized authority or a single point of failure. In combination, DLTs and decentralized identity management systems enable any entity to create and manage their own identifiers on any number of distributed, independent roots of trust.// |