8 Decentralized identifiers

by Drummond Reed and Markus Sabadello

Decentralized identifiers (abbreviated as “DIDs”), are the cryptographic counterpart to verifiable credentials (VCs) that together are the “twin pillars” of SSI architecture. In this chapter you will learn how DIDs evolved from the work started with VCs, how they are related to URLs and URNs, why a new type of cryptographically-verifiable identifier is needed for SSI, and how DIDs are being standardized at World Wide Web Consortium (W3C). Your guides will be two of the editors of the W3C Decentralized Identifier 1.0 specification: Markus Sabadello, Founder and CEO of Danube Tech, and Drummond Reed, Chief Trust Officer at Evernym.

At the most basic level, a decentralized identifier (DID) is simply a new type of globally unique identifier—not that different from the URLs you see in the address bar of your browser. But at a deeper level, DIDs are the atomic building block of a new layer of decentralized digital identity and public key infrastructure (PKI) for the Internet. This decentralized public key infrastructure (DPKI)[213] could eventually have as much impact on global cybersecurity and cyberprivacy as the development of the SSL/TLS protocol[214] for encrypted Web traffic (currently the largest PKI in the world).

This means you can understand DIDs at four progressively deeper levels (figure 8.1):

8.1       The superficial level: what is a DID?

8.1.1   URIs

8.1.2   URLs

8.1.3   URNs

8.1.4   DIDs

8.2       The functional level: how DIDs work

8.2.1   DID documents

8.2.2   DID methods

8.2.3   DID resolution

8.2.4   DID URLs

8.2.5   Comparison with the Domain Name System (DNS)

8.2.6   Comparison with Uniform Resource Names (URNs) and other Persistent Identifiers

8.2.7   Types of DIDs

8.3       The architectural level: why DIDs work

8.3.1   The core problem of Public Key Infrastructure (PKI)

8.3.2   Solution #1: The conventional PKI model

8.3.3   Solution #2: The web-of-trust model

8.3.4   Solution #3: Self-certifying identifiers

8.3.5   Solution #4: DIDs