Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sovereign Identity (SSI)

3,125 views

Published on

Drummond Reed, Chief Trust Officer at Evernym, will explain in our second Webinar "Decentralized Identifiers (DIDs) - Building Block of Self-Sovereign Identity (SSI)" giving us the background on how DIDs work, where they come from and why they are important for Blockchain based Digital Identity.

Published in: Internet
  • Be the first to comment

Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sovereign Identity (SSI)

  1. 1. Webinar: Decentralized Identifiers (DIDs) The Fundamental Building Block of Self-Sovereign Identity (SSI) SSIMeetup.org07 May 2018 Drummond Reed Chief Trust Officer Evernym and Sovrin Foundation Trustee @drummondreed https://creativecommons.org/licenses/by-sa/4.0/
  2. 2. 1. Empower global SSI communities 2. Open to everyone interested in SSI 3. All content is shared with CC BY SA SSIMeetup.org Alex Preukschat @SSIMeetup @AlexPreukschat Coordinating Node SSIMeetup.org https://creativecommons.org/licenses/by-sa/4.0/ SSIMeetup objectives 07 May 2018
  3. 3. Who Am I? 3 • 20 years in Internet Identity • 13 years (all 26 instances) of Internet Identity Workshop • 15 years in Internet Identity standards – W3C – OASIS – IETF – OpenID Foundation Years
  4. 4. Who Am I? 4 Chief Trust Officer, Evernym Trustee, Sovrin Foundation Chair, Sovrin Trust Framework Co-Chair, Decentralized Identity Foundation ID WG Co-Chair, OASIS XDI TC Principle Investigator, U.S Dept. of Homeland Security DID and DKMS Projects Hats
  5. 5. Three Models of Digital Identity
  6. 6. #1: Siloed (Centralized) Identity Standards: SSIMeetup.org
  7. 7. #2: Third-Party IDP (Federated) Identity Standards: SSIMeetup.org
  8. 8. #3: Self-Sovereign Identity (SSI) SSIMeetup.org
  9. 9. #3: Self-Sovereign Identity (SSI) Digital wallet SSIMeetup.org
  10. 10. Emerging Open Standards for SSI SSIMeetup.org
  11. 11. What is a DID?
  12. 12. 078-05-1120 SSIMeetup.org
  13. 13. did:sov:3k9dg356wdcj5gf2k9bw8kfg7a SSIMeetup.org
  14. 14. 14 SSIMeetup.org
  15. 15. 15 You will not have just one DID. You will have thousands. SSIMeetup.org
  16. 16. 16 Each one will give you a lifetime encrypted private channel with another person, organization, or thing SSIMeetup.org
  17. 17. 17 You will use it not just for authentication, but to exchange verifiable digital credentials SSIMeetup.org
  18. 18. 18 Best of all: there is no central registration authority— every DID is registered directly by you on a public or private blockchain or distributed network SSIMeetup.org
  19. 19. In summary, a DID is… A permanent (persistent) identifier – It never needs to change A resolvable identifier – You can look it up to get metadata A cryptographically-verifiable identifier – You can prove ownership using cryptography A decentralized identifier – No centralized registration authority is required 19 SSIMeetup.org
  20. 20. 20 No identifier in history has had all four of these properties—because what fundamentally enables DIDs is blockchain technology SSIMeetup.org
  21. 21. What does a DID look like?
  22. 22. URN Syntax (RFC 2141) 22 urn:uuid:ae84-d5c2-9fb785ea-72cd34 Namespace Scheme Namespace-Specific Identifier SSIMeetup.org
  23. 23. 23 did:sov:3k9dg356wdcj5gf2k9bw8kfg7a Method Scheme Method-Specific Identifier DID Syntax (W3C) SSIMeetup.org
  24. 24. What is a DID method spec?
  25. 25. 25 A DID method specification defines how to read and write a DID (and its DID document) on a specific blockchain or distributed network SSIMeetup.org
  26. 26. 26 Active DID Method Specs
  27. 27. The syntax of the method-specific identifier Any method-specific elements of a DID document The CRUD (Create, Read, Update, Delete) operations on DIDs and DID documents for the target system 27 A DID Method spec defines… SSIMeetup.org
  28. 28. What is a DID document?
  29. 29. 29 { “Key”: “Value” } SSIMeetup.org
  30. 30. DID (for self-description) Set of public keys (for verification) Set of auth methods (for authentication) Set of service endpoints (for interaction) Timestamp (for audit history) Signature (for integrity) 30 The standard elements of a DID doc SSIMeetup.org
  31. 31. { "@context": "https://w3id.org/did/v1", "id": "did:example:123456789abcdefghi", "publicKey": [{ "id": "did:example:123456789abcdefghi#keys-1", "type": "RsaSigningKey2018", "owner": "did:example:123456789abcdefghi", "publicKeyPem": "-----BEGIN PUBLIC KEY...END PUBLIC KEY-----rn" }], "authentication": [{ "type": "RsaSignatureAuthentication2018", "publicKey": "did:example:123456789abcdefghi#keys-1" }], "service": [{ "type": "ExampleService", "serviceEndpoint": "https://example.com/endpoint/8377464" }], Example DID Document (Part 1) 31 SSIMeetup.org
  32. 32. Example DID Document (Part 2) 32 "created": "2002-10-10T17:00:00Z", "updated": "2016-10-17T02:41:00Z", "signature": { "type": "RsaSignature2016", "created": "2016-02-08T16:02:20Z", "creator": "did:sov:8uQhQMGzWxR8vw5P3UWH1j#key/1", "signatureValue": "IOmA4R7TfhkYTYW87z640O3GYFldw0 yqie9Wl1kZ5OBYNAKOwG5uOsPRK8/2C4STOWF+83cMcbZ3CBMq2/ gi25s=" } } SSIMeetup.org
  33. 33. DID paths, queries, fragments • A DID itself always identifies a person, organization, or thing • But like any URI, a DID may be followed by a path, query, and/or fragment • A DID without a path or query but with a fragment is a pointer into the DID document • A DID with a path identifies another resource “rooted” on the DID 33 SSIMeetup.org
  34. 34. DIDs and Decentralized Identity
  35. 35. 35 DIDs only represent the very bottom layer of the decentralized identity stack SSIMeetup.org
  36. 36. DID Layer The decentralized identity “stack” Cloud Layer Identity Owners Edge Layer SSIMeetup.org
  37. 37. DIDs enable digitally signed verifiable claims SSIMeetup.org
  38. 38. DID Standardization
  39. 39. How did DIDs happen? Conceived in 2015 by W3C Verifiable Claims Task Force Evernym applied to U.S. Dept of Homeland Security S&T to fund DID standard Over 2016 Evernym worked with SSI community to develop DID V1.0 June 2017 DID spec contributed to W3C Credentials Community Group 39 SSIMeetup.org
  40. 40. 40 The second generation DID spec is currently being standardized by the W3C Credentials Community Group—membership is free and open to all SSIMeetup.org
  41. 41. 41 Work has begun to form the W3C DID Working Group—this is where the DID specification will become an official W3C open standard SSIMeetup.org
  42. 42. 42 DID Specification Links Implementers: please send feedback! https://www.w3.org/community/credentials/ http://forum.sovrin.org/c/technical/did SSIMeetup.org
  43. 43. 43 Thank You SSIMeetup.org
  44. 44. Webinar: Decentralized Identifiers (DIDs) The Fundamental Building Block of Self-Sovereign Identity (SSI) SSIMeetup.org07 May 2018 Drummond Reed Chief Trust Officer Evernym and Sovrin Foundation Trustee @drummondreed https://creativecommons.org/licenses/by-sa/4.0/

×