Decentralized Identifiers (DIDs) v1.0 Becomes a W3C Recommendation
From a World Wide Web Consortium (W3C) Announcement:
The World Wide Web Consortium (W3C) has announced that Decentralized Identifiers (DIDs) v1.0 is now an official Web standard. This new type of verifiable identifier, which does not require a centralized registry, will enable both individuals and organizations to take greater control of their online information and relationships while also providing greater security and privacy.
There is a historical analog to this announcement in the evolution of mobile phone numbers. Originally these were owned by the mobile carrier and “rented” to the individual. This required individuals to change numbers if they changed carriers. With the adoption of mobile phone number portability, individuals could now “take their numbers with them” when switching carriers.
The same is true of most email addresses and social network addresses today—they are not “owned” by individuals and must be changed if the individual changes providers. By contrast, W3C Decentralized Identifiers can be controlled by the individuals or organizations that create them, are portable between service providers, and can last for as long as their controller wants to continue using them.
Whatsmore, DIDs have the unique property of enabling the controller to verify ownership of the DID using cryptography. This can enable any controller of a DID—an individual, an organization, an online community, a government, an IoT device—to engage in more trustworthy transactions online. For individuals in particular, DIDs can put them back in control of their personal data and consent, and also enable more respectful bi-directional trust relationships where forgery is prevented, privacy is honored, and usability is enhanced.
Fundamentally, Decentralized Identifiers are a new type of globally unambiguous identifier that can be used to identify any subject (e.g., a person, an organization, a device, a product, a location, even an abstract entity or a concept). Each DID resolves to a DID document that contains the cryptographic material and other metadata for controlling the DID. The foundational pillars of the DID specification are: 1) DIDs do not require a central issuing agency (decentralized), 2) DIDs do not require the continued operation of an underlying organization (persistent), 3) Control of DIDs, and the information they are associated with, can be proven cryptographically (verifiable), and 4) DID metadata can be discovered (resolvable).
Markets adopting DIDs
W3C Decentralized Identifiers, coupled with W3C Verifiable Credentials, are being used across a number of markets where identification and data authenticity is a concern:
- Governments – The US, Canada, and the EU, are exploring the use of DIDs to provide privacy-protecting digital identity documentation for their businesses and residents, which enable those entities to choose how and when their data is shared.
- Retailers – convenience stores, grocery stores, restaurants, bars, and consumer goods companies in the US are utilizing DIDs for new digital age verification programs to increase privacy, checkout speed, and combat the use of fraudulent identity documents when purchasing age-gated products.
- Supply chain stakeholders — global government regulators, trade standards institutions, vendors, shippers, and retailers—are using DIDs to explore next generation systems that more accurately verify the origin and destination of products and services, which will streamline and enable the reporting designed to apply correct tariffs, prevent dumping, and monitor transshipment.
- Workforce – universities, job training programs, and education standards organizations are adopting DIDs in order to issue digital learning credentials that are controlled and shared by the graduate when applying for higher education or workforce positions.
The Work Continues at W3C
W3C, composed of over 450 organizations, has made the investment in W3C Decentralized Identifiers and W3C Verifiable Credentials to ensure a more decentralized, privacy-respecting, and consent-based data sharing ecosystem. Official standards work will continue on these technologies through the newly re-chartered W3C Verifiable Credentials 2.0 Working Group, which will focus on expanding functionality based on market feedback. Further incubation on future privacy-respecting technologies will occur through the W3C Credentials Community Group, which is open to participation by the general public.
The World Wide Web Consortium (W3C) has announced that Decentralized Identifiers (DIDs) v1.0 is now an official Web standard. This new type of verifiable identifier, which does not require a centralized registry, will enable both individuals and organizations to take greater control of their online information and relationships while also providing greater security and privacy.
There is a historical analog to this announcement in the evolution of mobile phone numbers. Originally these were owned by the mobile carrier and “rented” to the individual. This required individuals to change numbers if they changed carriers. With the adoption of mobile phone number portability, individuals could now “take their numbers with them” when switching carriers.
The same is true of most email addresses and social network addresses today—they are not “owned” by individuals and must be changed if the individual changes providers. By contrast, W3C Decentralized Identifiers can be controlled by the individuals or organizations that create them, are portable between service providers, and can last for as long as their controller wants to continue using them.
Whatsmore, DIDs have the unique property of enabling the controller to verify ownership of the DID using cryptography. This can enable any controller of a DID—an individual, an organization, an online community, a government, an IoT device—to engage in more trustworthy transactions online. For individuals in particular, DIDs can put them back in control of their personal data and consent, and also enable more respectful bi-directional trust relationships where forgery is prevented, privacy is honored, and usability is enhanced.
Fundamentally, Decentralized Identifiers are a new type of globally unambiguous identifier that can be used to identify any subject (e.g., a person, an organization, a device, a product, a location, even an abstract entity or a concept). Each DID resolves to a DID document that contains the cryptographic material and other metadata for controlling the DID. The foundational pillars of the DID specification are: 1) DIDs do not require a central issuing agency (decentralized), 2) DIDs do not require the continued operation of an underlying organization (persistent), 3) Control of DIDs, and the information they are associated with, can be proven cryptographically (verifiable), and 4) DID metadata can be discovered (resolvable).
Markets adopting DIDs
W3C Decentralized Identifiers, coupled with W3C Verifiable Credentials, are being used across a number of markets where identification and data authenticity is a concern:
- Governments – The US, Canada, and the EU, are exploring the use of DIDs to provide privacy-protecting digital identity documentation for their businesses and residents, which enable those entities to choose how and when their data is shared.
- Retailers – convenience stores, grocery stores, restaurants, bars, and consumer goods companies in the US are utilizing DIDs for new digital age verification programs to increase privacy, checkout speed, and combat the use of fraudulent identity documents when purchasing age-gated products.
- Supply chain stakeholders — global government regulators, trade standards institutions, vendors, shippers, and retailers—are using DIDs to explore next generation systems that more accurately verify the origin and destination of products and services, which will streamline and enable the reporting designed to apply correct tariffs, prevent dumping, and monitor transshipment.
- Workforce – universities, job training programs, and education standards organizations are adopting DIDs in order to issue digital learning credentials that are controlled and shared by the graduate when applying for higher education or workforce positions.
The Work Continues at W3C
W3C, composed of over 450 organizations, has made the investment in W3C Decentralized Identifiers and W3C Verifiable Credentials to ensure a more decentralized, privacy-respecting, and consent-based data sharing ecosystem. Official standards work will continue on these technologies through the newly re-chartered W3C Verifiable Credentials 2.0 Working Group, which will focus on expanding functionality based on market feedback. Further incubation on future privacy-respecting technologies will occur through the W3C Credentials Community Group, which is open to participation by the general public.
Filed under: Associations and Organizations, Companies (Publishers/Vendors), Data Files, News
About Gary Price
Gary Price (gprice@gmail.com) is a librarian, writer, consultant, and frequent conference speaker based in the Washington D.C. metro area. He earned his MLIS degree from Wayne State University in Detroit. Price has won several awards including the SLA Innovations in Technology Award and Alumnus of the Year from the Wayne St. University Library and Information Science Program. From 2006-2009 he was Director of Online Information Services at Ask.com.