Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sovereign Identity – Drummond Reed – Webinar 2
Drummond Reed, Chief Trust Officer at Evernym and Sovrin Foundation Trustee, features in our second Webinar “Decentralized Identifiers (DIDs): The Fundamental Building Block of Self-Sovereign Identity” by giving us a detailed explanation of what DIDs are, where they come from and what makes them one of the cornerstones to build Self Sovereign Identity.
We recommend watching our first webinar with Drummond “The Story of Open SSI Standards – Drummond Reed/Evernym – Webinar 1” to get a general view in which he explains the technical and development aspects of DIDs, DKMS, DID Auth and Verifiable Credentials.
Conventional identity management systems are based on centralized authorities such as corporate directory services, certificate authorities, or domain name registries. From the standpoint of cryptographic trust verification, each of these centralized authorities serves as its own root of trust. To make identity management work across these systems requires implementing federated identity management. The emergence of blockchain technology, provides the opportunity to implement fully decentralized identity management (DIDM). In DIDM, all participants with identities (called identity owners) share a common root of trust in the form of a globally distributed ledger (or a decentralized P2P network that provides similar capabilities).
In a DIDM architecture, each identity owner can be identified on a ledger with a key-value pair. The index key is a decentralized identifier (DID) and the value is its associated **DID description object **(DDO). Together these form a DID record. Each DID record is cryptographically secured by private keys under the identity owner’s control. Following the dictums of Privacy by Design, each identity owner may have as many DID records as necessary to respect the identity owner’s desired separation of identities, personas, and contexts.
This architecture not only eliminates dependence on centralized registries for identifiers, but also on centralized certificate authorities for key management as is typical of hierarchical PKI (public key infrastructure). Instead each identity owner serves as its own root authority via its own DID record(s) on the shared ledger—an architecture called a DPKI (decentralized PKI).
Slide share presentation:
How can you use these slides and knowledge?
This content is shared with a Creative Commons by Share Alike License. This allows you to reuse the powerpoint slides we are sharing here to build your own SSI communities around the globe. You only need to credit SSIMeetup and the invited guest of the day and share whatever you produce with the same license. Please read the license for full details.
Interested in collaborating or sharing?
Please get in touch via the contact form or one of the social media channels and we will find something interesting to do together or support you.