Tim Berners-Lee announced the decision to make the specification that defines decentralized identifiers for the Web (DID, Decentralized Identifier), the status of a recommended standard. The objections raised by Google and Mozilla are dismissed.
The DID specification introduces a new type of unique global identifiers that are not tied to individual centralized services and organizations, such as domain registrars and certification authorities. The identifier can be associated with an arbitrary resource and generated by systems trusted by the owner of the resource. Identity authentication uses proof-of-ownership authentication based on cryptographic mechanisms such as digital signatures. The specification allows the use of various methods for distributed control and obtaining information about identifiers, including methods based on the blockchain.
The format of the new URI is formed as "did:method:unique_identifier", where "did" specifies the new URI scheme, "method" indicates the mechanism for handling the identifier, and "unique_identifier" is a resource identifier specific to the selected method, for example, "did:example :123456789abcdefghi". The field with the method specifies the name of the used service for storing verified data, which guarantees the uniqueness of the identifier, determines its format and provides binding of the identifier to the resource for which it was created. The URI with the ID is converted to a JSON document with metadata describing the requested object and including public keys to verify the owner.
Method implementations are outside the scope of the DID standard, are defined in their specifications, and maintained in a separate registry. Currently, 135 methods have been proposed based on different blockchains, cryptographic algorithms, distributed technologies, decentralized databases, P2P systems and identification mechanisms. It is also possible to create DID bindings on top of centralized systems, for example, the web method allows binding to traditional host names (for example, "did:web:example.com").
Google's objections are related to the separation of the specification for the general mechanism of decentralized identifiers from the specifications for the final implementations of the methods, which does not allow analyzing the correctness of the main specification without examining the specifications of the methods. Publishing the main specification when the method specifications are not ready makes it difficult to review, and Google has suggested deferring the standardization of the DID general specification until a few best methods are ready to be standardized, as in the method standardization process, subtle points may emerge that require the main specification to be finalized.
Mozilla's objection is that the specification does not properly push for portability, leaving the issue to the side of the method registry. More than a hundred methods have already been proposed in the registry, created without regard for compatibility and unification of standard solutions. In its current form, it is encouraged to create a new method for each task, rather than trying to adapt existing methods to suit your needs.
The position of the W3C is that the standardization of the DID specification, which defines a new extensible identifier class and associated syntax, will encourage method development and consensus on method standardization. In its current form, there is enough evidence of the applicability of the main specification for solving problems in demand in the community developing decentralized technologies. Proposed implementations of methods should not be judged by analogy with new URL schemes, and the creation of a large number of methods can be seen as conforming to the base specification to the needs of developers.
The standardization of certain methods is seen as a more difficult task, in terms of achieving consensus among developers, than the standardization of a common class of identifiers. Therefore, the adoption of a common specification before standardization of methods is considered as a solution that can cause less potential harm to the community implementing decentralized identifiers.
Source: opennet.ru