15G/ DID Method Rubric
DID Method Rubric
Session Convener: Joe Andrieu
Notes-taker(s): Peter Conerly
Tags / links to resources / technology discussed, related to this session:
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
The DID Method rubric came out of the discussion out of “what was a decentralized identifier”. We couldn’t agree on a common definition that was suitable for everyone.
“DID as a format that combines both issuer and identifier. Method is kind of issuer, or the domain in which this credential is unique. There’s value in that structure regardless of whether it’s decentralized. There’s potentially a lot of value here even if they’re not decentralized, and we’d like to let them still use the `did:` prefix.” - George
DIDs have 3 columns:
- Sovereign system:
- Ethereum
- Bitcoin
- Mastercard
- “We will manage our data how we want to!!!”
- Apps: can use decentralized identifiers to verify actions taken on sovereign systems
- Banks
- Messengers
- Resolvers
- Can verify a DID and retrieve DID documents. Ideally resolvers are run by apps and are open-source
Running it on PREM is most trustworthy than AWS?
Sometimes you care about reliability, sometimes you care about anti-censorship
Criteria rubric for DID systems
https://www.w3.org/TR/did-rubric/#the-criteria
Evaluators need to disclose how they evaluate dids
How is the did-rubric updated?
It’s now an informal registry. As a registry, there is a registration process and it will explain how to make a pull request.
In evaluations, there needs to be a use case specified to understand the use case specification.
Implementations are ignored for the case of evaluations. Internet has a lot of vulnerabilities
Who are the users of the did method evaluations?
- It’s organizations that need to evaluate these did method implementors
- But also customers who are going to use these did methods and wants to choose a method.