Identifiers & Discovery Working Group - DIF

6 minute read

Webpage - GitHub - Slack

Members of the Working Group are engaged in development of protocols and systems that enable creation, resolution, and discovery of decentralized identifiers and names across underlying decentralized systems, like blockchains and distributed ledgers.

  • I&D WG Charter
    • Specifications, implementations, test suites, etc. related to creation, derivation, resolution, management, use of all forms of decentralized identifiers (i.e. including, but not limited to W3C DIDs)
    • Relationship between identifier systems (e.g. DID and domain names)
    • Relationship between identifiers and other decentralized identity building blocks (e.g. EDV)
    • Discovery protocols (e.g. for hubs, agents)
    • Establishment and maintenance of control authority over an identifier (e.g. KERI)
    • Security and trust in identifier infrastructure (e.g. Linked Data Security)
    • Work on concrete DID methods
  • Mailing list

    A key piece of the decentralized identity equation is how people, organizations, and devices can be identified and located without centralized systems of identifiers (e.g. email addresses). DIF members are actively working on protocols and implementations that enable creation, resolution, and discovery of decentralized identifiers and names across decentralized systems, like blockchains and distributed ledgers.

  • Meeting page

    For this call, you are encouraged to turn your video on. This is a good way to build rapport given we are a large, disparate group experiencing a lot of churn.

    This document is live-edited DURING each call, and stable/authoritative copies live on our github repo under /agenda.md . Please note that we might not notice a pullrequest in time, but you are free to propose agenda items for future meetings via hackmd.

Specs & Projects

Universal Resolver

Spec and implementation of a driver-based framework that enables resolution of DIDs.

Resolver Drivers

Universal Registrar

Spec and implementation of a driver-based framework that enables creation/updates/deactivation of DIDs.

  • decentralized-identity/universal-registrar

    A Universal Registrar is an identifier registrar that works with any decentralized identifier system, including Decentralized Identifiers (DIDs).

    • Driver Development

      The Universal Registrar’s function is wrapping an API around a number of co-located Docker containers running DID-method-specific drivers. The Universal Registrar is designed to support additional DID methods as they are developed by the community. The contribution for a new DID method driver consists of a Docker image which exposes an HTTP interface for creating/updating/deactivating DIDs. New contributions are submitted as Pull Requests to the Universal Registrar (this) repository.

  • decentralized-identity/universal-registrar-frontend - Frontend web UI for Universal Registrar.

Registrar Drivers

.well-known DID configuration

Spec, docs, and implementations for discovering DIDs from .well-known HTTP(S) URIs.

  • decentralized-identity/.well-known/
    • Repo Webpage

      Making it possible to connect existing systems and Decentralized Identifiers (DIDs) is an important undertaking that can aid in bootstrapping adoption and usefulness of DIDs. One such form of connection is the ability of a DID controller to prove they are the same entity that controls an origin.

      The DID Configuration resource provides proof of a bi-directional relationship between the controller of an origin and a DID via cryptographically verifiable signatures that are linked to a DID’s key material. This document describes the data format of the resource and the resource location at which origin controllers can publish their DID Configuration.

  • Spec

    Making it possible to connect existing systems and Decentralized Identifiers (DIDs) is an important undertaking that can aid in bootstrapping adoption and usefulness of DIDs. One such form of connection is the ability of a DID controller to prove they are the same entity that controls an Internet domain.

    The DID Configuration resource provides proof of a bi-directional relationship between the controller of an Internet domain and a DID via cryptographically verifiable signatures that are linked to a DID’s key material. This document describes the data format of the resource and the resource location at which Internet domain controllers can publish their DID Configuration.

    Due to the location of the DID Configuration resource, discovery of associated Decentralized Identifiers against a domain is trivial. However, the inverse (i.e given a DID-URI discover the associated domains) is deemed out of scope.

KERI - Key Event Receipt InfrastructureSpec and implementation of an identifier and key

rotation technology, where your primary root of trust is entropy, not any particular ledger.

Peer DID Method Specification

A rich DID method that has no blockchain dependencies. The verifiable data registry is a synchronization protocol between peers.

  • decentralized-identity/peer-did-method-spec
  • Spec

    This document defines a “peer” DID Method that conforms to the DID Spec. The method can be used independent of any central source of truth, and is intended to be cheap, fast, scalable, and secure. It is suitable for most private relationships between people, organizations, and things. We expect that peer-to-peer relationships in every blockchain ecosystem can benefit by offloading pairwise and n-wise relationships to peer DIDs.

DID Spec Extensions

Extension parameters, properties, and values for the DID spec registries.

Other Repositories

Comments by Staticman and Identosphere

Leave a Comment

Your email address will not be published. Required fields are marked *

Loading...