Decentralized Identifiers (DIDs) are a new type of identifier intended for verifiable digital identity that is "self-sovereign", fully under the control of an entity and not dependent on a centralized registry, identity provider, or certificate authority.
DIDs resolve to DID Documents — simple documents that contain all the metadata needed to interact with the DID. Specifically, a DID Document typically contains at least three things.
- The first is a set of mechanisms that may be used to authenticate as as a particular DID (e.g. public keys, pseudonymous biometric templates, etc.).
- The second is a set of authorization information that outlines which entities may modify the DID Document.
- The third is a set of service endpoints, which may be used to initiate trusted interactions with the entity. This document specifies a common data model, format, and operations that all DIDs support.
Decentralized Identifiers (DIDs) as personal trust anchors. Anyone can propose a DID method — ideally they leverage the power of blockchains, but a blockchain is not required. There are DID methods being proposed for public blockchains (Bitcoin, Blockstack, Ethereum), private blockchains (Sovrin/Indy), non-blockchain (IPFS), and even legacy web-of-trust identity systems (PGP).
Decentralized identifier (DID) is simply a new type of globally unique identifier with special features designed for blockchains. But at a deeper level, DIDs are actually the tip of the iceberg or the tip of the spear of an entirely new layer of decentralized digital identity and public key infrastructure (PKI) for the Internet. This decentralized public key infrastructure (DPKI) could have as much impact on global cybersecurity and cyber-privacy as the development of the SSL/TLS protocol for encrypted Web traffic (now the largest PKI in the world).
目标：cross-chain rooting, indexing, and resolution of decentralized identifiers and names.