https://ssimeetup.org/decentralized-identifiers-dids-fundamentals-identitybook-info-drummond-reed-markus-sabadello-webinar-46/
Decentralized identifiers (abbreviated as “DIDs”) are the cryptographic counterpart to verifiable credentials (VCs); together they are the “twin pillars” of SSI architecture. In this special IdentityBook.info webinar, Markus Sabadello, Founder and CEO of Danube Tech, and Drummond Reed, Chief Trust Officer at Evernym, co-authors of the DID chapter of the book “Self-Sovereign Identity: Decentralized Digital Identity and Verifiable Credentials” published by Manning, will explain all the fundamentals of DIDs. Based on the DID chapter of the book, you will learn how DIDs evolved from the work started with VCs, how they are related to URLs and URNs, why a new type of cryptographically-verifiable identifier is needed for SSI, and how DIDs are being standardized at the World Wide Web Consortium (W3C). Your guides will be two of the editors of the W3C Decentralized Identifier 1.0 specification: Markus Sabadello and Drummond Reed.
Decentralized Identifier (DIDs) fundamentals deep dive
1. Decentralized Identifiers (DIDs) fundamentals
IdentityBook.info special
twitter.com/IdentityBookHQ
SSIMeetup.org https://creativecommons.org/licenses/by-sa/4.0/
Drummond Reed, W3C DID specification co-author, Chief Trust Officer, Evernym
Markus Sabadello, W3C DID specification co-author, Founder, Danube Tech
2. SSIMeetup objectives
  1. Empower global SSI communities
  2. Open to everyone interested in SSI
  3. All content is shared with CC BY SA
SSIMeetup.org
Alex Preukschat @SSIMeetup @AlexPreukschat
Coordinating Node SSIMeetup.org
https://creativecommons.org/licenses/by-sa/4.0/
17 May 2018
5. The Superficial Level: What is a DID?
SSIMeetup.org. Released under a Creative Commons license (CC BY-SA 4.0).
6. URIs, URLs, and URNs
● URLs locate resources on a network
● URNs are persistent names for a resource that will never change no matter its location
● A DID is functionally a URN that in many cases can be resolved into one or more URLs
7. The four core properties of a DID
8. The Functional Level: How DIDs Work
9. “For digital identifiers, the usefulness comes just not from the identifier itself, but from how it can be used by applications designed to consume that particular type of identifier.”
10. DIDs, DID documents, and DID subjects
11. A typical DID document contains:
● One or more public keys (or other verification methods) that can be used to authenticate the DID subject during an interaction
● One or more services associated with the DID subject that can be used for interaction via protocols supported by those services
● Additional metadata such as timestamps, digital signatures and other cryptographic proofs, or metadata related to delegation and authorization
12. Example DID Document
{
  "@context": "https://www.w3.org/ns/did/v1",
  "id": "did:example:123456789abcdefghi",
  "authentication": [{
    "id": "did:example:123456789abcdefghi#keys-1",
    "type": "Ed25519VerificationKey2018",
    "controller": "did:example:123456789abcdefghi",
    "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV"
  }],
  "service": [{
    "id": "did:example:123456789abcdefghi#vcs",
    "type": "VerifiableCredentialService",
    "serviceEndpoint": "https://example.com/vc/"
  }]
}
13. DID Methods
● DIDs are not created and maintained in a single type of database or network like most other types of URIs
● DID methods all support the same basic functionality but they differ in how that functionality is implemented
14. DID Resolution
● The process of obtaining the DID document associated with a DID
● Rather than thinking of DID resolution as a protocol, it should be considered an abstract function or algorithm
15. DID URLs
● DIDs are powerful identifiers by themselves, but they can also be used as the basis for constructing more advanced URLs rooted in a DID
● This is like how http/https URLs can consist of more than just a domain name
● DID URLs enable an "identifier space" for additional resources associated with the DID
16. Example DID URLs
did:example:1234/
did:example:1234#keys-1
did:example:1234;version-id=4#keys-1
did:example:1234/my/path?query#fragment
did:example:1234;service=hub/my/path?query#fragment
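As an added example (not from the slides or the DID specification), this Python sketch parses DID URLs of the shape shown on slide 16 and dereferences them against the example DID document from slide 12. The regular expression is inferred from the slide's examples and the handling of the `service` parameter is an assumption; neither is the normative W3C grammar.

```python
import re

# Example DID document from slide 12, embedded so the block runs offline.
DID = "did:example:123456789abcdefghi"
DOC = {
    "@context": "https://www.w3.org/ns/did/v1",
    "id": DID,
    "authentication": [{
        "id": DID + "#keys-1", "type": "Ed25519VerificationKey2018",
        "controller": DID,
        "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV"}],
    "service": [{
        "id": DID + "#vcs", "type": "VerifiableCredentialService",
        "serviceEndpoint": "https://example.com/vc/"}],
}

# Assumed grammar, inferred from the slide 16 examples (not the normative ABNF):
#   did:<method>:<id>[;name=value]*[/path][?query][#fragment]
DID_URL = re.compile(
    r"(?P<did>did:(?P<method>[a-z0-9]+):(?P<id>[A-Za-z0-9._:%-]+))"
    r"(?P<params>(?:;[A-Za-z0-9._%-]+(?:=[A-Za-z0-9._:%-]*)?)*)"
    r"(?P<path>/[^?#]*)?(?:\?(?P<query>[^#]*))?(?:#(?P<fragment>.*))?")

def parse_did_url(url):
    """Split a DID URL into did, method, id, params, path, query, fragment."""
    m = DID_URL.fullmatch(url)
    if m is None:
        raise ValueError(f"not a DID URL: {url!r}")
    parts = m.groupdict()
    parts["params"] = dict(p.partition("=")[::2]
                           for p in parts["params"].split(";")[1:])
    return parts

def dereference(url, doc):
    """Return the entry of `doc` that a DID URL selects, or `doc` itself."""
    parts = parse_did_url(url)
    # Refuse to answer for a DID the document is not about.
    if parts["did"] != doc["id"]:
        raise ValueError("DID URL is not rooted in this document's DID")
    # Assumption: ;service=<name> selects the service entry with id <did>#<name>.
    name = parts["params"].get("service") or parts["fragment"]
    if name is None:
        return doc
    for entry in doc.get("authentication", []) + doc.get("service", []):
        if isinstance(entry, dict) and entry.get("id") == f"{doc['id']}#{name}":
            return entry
    raise KeyError(f"no entry #{name} in the DID document")
```

The version-id parameter is parsed but not applied here; selecting a document version is left to whatever resolves the DID.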
17. Comparing DIDs with Domain Names
Decentralized Identifiers (DIDs) | Domain Names
Globally unique | Globally unique
Persistent | Reassignable
Machine-friendly identifiers (i.e., long character strings based on random numbers / cryptography) | Human-readable names
Resolvable using different mechanisms defined by the applicable DID method | Resolvable using the standard DNS protocol
Associated data is expressed in DID documents | Associated data is expressed in DNS zone files
Fully decentralized namespaces without delegation | Hierarchical, delegatable namespaces based on centralized root registries for top-level domain names (TLDs)
Cryptographically-verifiable | Verifiable using DNS security extensions (DNSSEC)
Fully under the control of the DID controller | Ultimately controlled by ICANN and the registry operator for each DNS TLD
18. Comparison with other persistent identifiers
19. Types of DIDs
● Ledger-based DIDs: The "original" category of DID methods involves a blockchain or other DLT
● Ledger Middleware (“Layer 2”) DIDs: Adds an additional storage layer “on top” of the base layer blockchain
● Peer DIDs: Exists only within a relationship between a limited number of participants
● Static DIDs: Can only be created and resolved, but not updated or deactivated
● Alternative DIDs: Do not fall into any of the other categories
21. “Since it was first conceived, PKI has one hard problem at its very core. It is not a problem with cryptography per se, i.e., with the math involved with public/private keys or encryption/decryption algorithms. Rather it is a problem with cryptographic infrastructure, i.e., how we can make public/private key cryptography easy and safe for people and organizations to use at scale.”
22. The following slides walk you through the narrative we present in this part of the chapter
25. The PKI Trust Triangle
[Diagram: Controller, Private Key, Public Key. Labels: Controls, Publishes, Cryptographic binding.]
26. The PKI Trust Triangle
[Diagram: Controller, Private Key (private half, must NOT be shared), Public Key (public half, MUST be shared). Labels: Controls, Publishes, Cryptographic binding.]
27. The problem lies right here
[Diagram: Controller, Private Key, Public Key. Labels: Controls, Problem spot.]
34. The real PKI Trust Triangle
[Diagram: Identifier, Private Key, Public Key, Controller. Labels: Controls, Publishes, Identifies.]
44. Digital Identifiers
Type | Challenges with Strong Binding
Phone Number | Reassignable, limited #, hard to register
IP Address | Reassignable, spoofable, hard to register
Domain Name | Reassignable, spoofable, DNS poisoning
Email Address | Reassignable, spoofable, weak security
URL | Dependent on a Domain Name
X.500 Dist. Name | Hard to register
X.500 Certs |
52. Public Key Certificate Signed by a CA
[Diagram: Private Key, Public Key, Controller, Identifier. Labels: Controls, Publishes, Identifies.]
67. Generation of the original key pair and DID
[Diagram: DID, Private Key1, Public Key1, Controller. Labels: Controls, Publishes, Generates, Publishes.]
69. Publishing the original DID document
[Diagram: DID, Private Key1, Public Key1, Controller. Labels: Controls, Publishes, Generates, Publishes.]
71. Publishing the updated DID document
[Diagram: DID, Private Key2, Public Key2, Controller. Labels: Controls, Publishes, Publishes.]
77. Example: a DID for a newborn
[Diagram: DID, Private Key, Public Key, Controller. Labels: Identifies, Knows, Publishes.]
80. Discovery of service endpoint URLs
[Diagram: DID, Private Key, Public Key, Controller, URL.]
81. The Semantic Level: What DIDs Mean
82. A brief history of addresses
83. “What new communications network functionality do DIDs enable that could not be done before? The short answer is that DIDs were invented to support both the cryptographic trust and the human trust required for the four-layer architecture of any trust network based on the Trust over IP stack introduced in Chapter 5 and shown again here.”