universal-resolver
universal-resolver copied to clipboard
decentralized-identity
How do I 'deep link' to a document?
Sorry for being dumb, but I'd like to create a URL that links directly to the DID doc for did:ion:EiClkZMDxPKqC9c-umQfTkR8vvZ9JPhl_xLDI9Nfk38w5w
I know this isn't to be used in production, but it would just be handy to show this in a short paragraph I'm writing about DID.
Linking to this page with the Document tab open and the results of did:ion:EiClkZMDxPKqC9c-umQfTkR8vvZ9JPhl_xLDI9Nfk38w5w would be sufficient: https://dev.uniresolver.io/
e.g. something like this: https://dev.uniresolver.io/?did=did:ion:EiClkZMDxPKqC9c-umQfTkR8vvZ9JPhl_xLDI9Nfk38w5w#Document
Ho ho!
https://dev.uniresolver.io/#did:ion:EiClkZMDxPKqC9c-umQfTkR8vvZ9JPhl_xLDI9Nfk38w5w
Sorry, this is a weird place to ask for feedback, but do you think the following stretches the truth too much;
- Figure 2: The Distributed IDentity (DID) ecosystem. Identities in DID are simply private keys. DID works by using URIs (called DIDs) to resolve DID documents that typically contain the corresponding public keys for attesting to your identity. The DID document resolution may be done via a blockchain, e.g. https://dev.uniresolver.io/#did:ion:EiClkZMDxPKqC9c-umQfTkR8vvZ9JPhl_xLDI9Nfk38w5w. An individual may create as many DIDs as desired, and may link arbitrary data to the identity via the DID document. Using PKI, cryptographic certificates may be issued and verified by third parties. Such certificates may use homomorphic encryption, zero knowledge proofs or other protocols to safeguard anonymity.
Sorry, this is a weird place to ask for feedback, but do you think the following stretches the truth too much;
I think your description is pretty good, here are just some small suggestions:
- You may want to distinguish between "identifier" and "identity". A DID is a "Decentralized Identifier". The term "identity" has different meanings, but usually includes everything about you (personal data, claims, etc.), not just the identifier (the DID) itself.
- Regarding private keys, I wouldn't say that "Identities in DID are simply private keys", but you could e.g. say that "identifiers are controlled by private keys".
- Regarding "The DID document resolution may be done via a blockchain", that's true, but maybe mention that there are also types of DIDs that can be resolved without a blockchain. In your example, the DID method is "ion", which does indeed use a blockchain (Bitcoin), so your example is correct!
- Regarding "may link arbitrary data to the identity via the DID document", It's true that arbitrary data can be linked to a DID, but you should maybe also mention that the DID document itself should NOT contain personal data (for privacy reasons, since the DID document is public!)
Hope this helps, let us know if you have other thoughts or questions!
@CholoTook
Identities in DID are simply private keys
Unless of course your DID supports key rotation so that the private keys may change which means that the identitiy is not the private key but some verifiable data structure that provides a proof of the current key state (i.e. the current controlling private key or key(s) (if multi-sig). See keri.one for an example of such a type of identifier. These are a type of "Self-Certifying Identifier"
The DID document resolution may be done via a blockchain
;-)
I was trying not to trigger anyone ;-P
Good point @SmithSamuelM, I was trying to simplify as much as possible, but the key is not the identifier if key rotation is being used.
I re-wrote the first couple of sentences to try to address this feedback:
- A DID is a URI that resolves to a public ‘DID Document’. The DID Document typically contains the public key of a user-generated key pair, used for controlling the identifier.
@CholoTook can we close this issue?
@peacekeeper maybe there should be a section in the readme of this repo or on the index.html of the resolver to inform others about this feature of the universal resolver?
