DID is a type of identifier that enables a verifiable, decentralized digital identity. It is based on the Self-sovereign identity paradigm. A DID uniquely identifies an entity (like a person or organization). These identifiers are designed to enable the controller of a DID to prove control over it and to be implemented independently of any centralized registry, identity provider, or certificate authority. Generation and control over DID lies with the identity owner i.e. DID subject (eg: through private keys in a wallet).
DIDs are persistent, cryptographically verifiable, and are dereferencable.
DIDs are building blocks for verifiable credentials, wallets, etc. To make all this work, we need to be able to “resolve” DIDs to their associated DID Documents. This process fulfills a similar purpose as DNS does in the classic web.
DIDs have a foundation in URIs. A simple way to think about DID is that it is a new type of URI that does not require a centralized authority to register, resolve, update, or revoke.
DID resolution is the process of getting from a DID to its DID Document. It is analogous to the resolution of DNS name to IP address
DID Document contains metadata of a DID subject. It contains the minimum amount of information in order to connect with the DID subject. The key information contained in a DID document are public keys, service endpoints, and authentication methods.
Last Updated: 10 November 2021