title | author | date | keywords | favicon | theme | highlight-theme | fontawesomePro | fontawesomeFree | progress | controls | center | pdfSeparateFragments |
---|---|---|---|---|---|---|---|---|---|---|---|---|
DIF WG ID Presentation |
Jan Christoph Ebersbach |
2023-09-11 |
identity credentials ssi did did:web |
tokyo-night-dark |
true |
false |
true |
false |
true |
false |
View presentation at: 230911 DIF WG ID Presentation
-
did:web only specifies an API for the
Read/Resolve
method -
Create
,Update
andDelete
need to be performed manually -
Since did:web is cost effective, simple, human-readable and doesn't require much infrastructure, can we make it more usable 🤔
- did:web web service that provides an API for all CRUD methods
- Solely relies on DIDs and VCs for access control and data
- Provide some of self-sovereign features in the API
- DID is used to identify administrator
- Admin issues DID doc of new users as VC wrapped in a VP
- Admin sends signed VP to HTTP API of did-web-server
- DID is used to identify administrator
- Admin issues VC with user's DID as subject.id wrapped in a VP
- Admin sends signed VP to HTTP API of did-web-server
- User is identified by his/her DID on the server
- User issues updated DID doc as VC wrapped in a VP
- User sends signed VP to HTTP API of did-web-server
(Small "self-sovereign" limitation: Admin is not allowed to update existing DID)
According to spec.
- did-web-server implementation exists in Rust
- JS client implementation in progress
- DID CLIs like didkit can be use to craft request data
- did-webplus https://github.com/LedgerDomain/did-webplus/
- did-webs https://dhh1128.github.io/did-method-webs/
- Github issue with did:web 2.0 suggestion (link currently missing)
- Business need?
- Technical feasibility?
- Ideas for potential next steps?
- Possibility for integration into Universal Registrar?
- Constraints:
- minimal, ideally no prerequisites - no DID, no VC, no wallet
- benefit for the people observing DIDs/VCs
- benefit for the provider who's providing DIDs/VCs
Enhance websites with DIDs and VCs and provide a browser plugin / website for inspecting the data
- ☑ Browser plugin exists that retrieves did:web DID and a Verifiable Presentation from a domain, verifies and displays it
- ☑ did:web spec exists for linking a DNS domain to a did:web DID
- ☐ DIF Well Known DID Configuration exists for linking any DID to a DNS domain and vice verca (not yet implemented)
- ☐ No standardized way to publicly link a VC to a DID document
- ☐ No Well Known VC/VP Configuration spec, yet
- Business use cases?
- Technical feasibility?
- Ideas for potential next steps?