Replying to Avatar Mike Brock

Come to realize one of the reasons people don't get DIDs, is they think they're just glorified pubkeys, or they're glorified decentralized Apple Wallets. This is just a wrong mental model.

The way to think about what DIDs and Verifiable Credentials from an engineering and application developer perspective, is to view them as a wholesale replacement for DNS and Certificate Authorities. They decentralize away from ICANN.

They are a new universal identity layer for the internet. But because they are open an extensible protocols, we can do everything from validate that website is legitimately owned by a company or individual. Or they can be used to model a driver's license, where a government agency issues the credential. The protocol doesn't care.

I think people who think they're "too complex" and add nothing that pubkeys don't, haven't thought too deeply about the totality of problem of identity on the internet, and are likely taking DNS (a highly centralized form of identity) for granted. When they probably shouldn't.
Avatar
Martin 2y ago 💬 1

to be honest, your post still doesn't make it any clearer what DIDs are and why they are nice. It's still all very vague claims so far.

Reply to this note

Please Login to reply.

Discussion

Avatar
w3tester 2y ago 💬 1

A DID is a unique identifier of an entity. This identifier is generated by cryptographic method, just like a Nostr key, and you hold the private key. So you can say it is self-sovereign because only you ave control over this DID. In reality, this identifier is linked to a series of keys for you to use in different scenarios.

Avatar
Martin 2y ago 💬 1

This much was already clear to me. So isn't it the same as a PGP key? What is new and special about DIDs?

Avatar
w3tester 2y ago

I think compared to PGP, the W3C got most of the stuff standardized, especially the part with verifiable data registry—the storage of the identifier and associated public keys. But the most important part is actually verifiable credentials and DID is like setting up a stage for it. I guess we don't have that with PGP.