
From https://www.w3.org/TR/did-core/#design-goals

    Decentralization | Eliminate the requirement for centralized authorities or single point failure in identifier management, including the registration of globally unique identifiers, public verification keys, services, and other information.
    Control | Give entities, both human and non-human, the power to directly control their digital identifiers without the need to rely on external authorities.
    Privacy | Enable entities to control the privacy of their information, including minimal, selective, and progressive disclosure of attributes or other data.
    Security | Enable sufficient security for requesting parties to depend on DID documents for their required level of assurance.
    Proof-based | Enable DID controllers to provide cryptographic proof when interacting with other entities.
    Discoverability | Make it possible for entities to discover DIDs for other entities, to learn more about or interact with those entities.
    Interoperability | Use interoperable standards so DID infrastructure can make use of existing tools and software libraries designed for interoperability.
    Portability | Be system- and network-independent and enable entities to use their digital identifiers with any system that supports DIDs and DID methods.
    Simplicity | Favor a reduced set of simple features to make the technology easier to understand, implement, and deploy.
    Extensibility | Where possible, enable extensibility provided it does not greatly hinder interoperability, portability, or simplicity. 
In short, if the large platforms like Facebook, Google, Apple, Microsoft et al started using DIDs, we could start using logins across platforms instead of creating new accounts for each one.

Basically, the specification is trying to come up with a way of offering federated authentication à la OpenID, but without locking down the storage mechanism of the ID itself.



> In short, if the large platforms like Facebook, Google, Apple, Microsoft et al started using DIDs, we could start using logins across platforms instead of creating new accounts for each one.

Not a chance really.

First, DIDs define a method behind resolving data, be it using a website, using bitcoin classic, etc. There are over 100 defined, and only "web" and "key" (inlined data in the URI) have achieved interoperability.

Second, if DIDs define authentication then your Apple/Facebook/Google account will need to own the DID so that they can make sure the authentication requirements aren't rewritten to be too weak to qualify.

Third, DIDs used in that way are less privacy preserving than the existing system, since it is now a global identifier shared with everyone.


First, which DID methods will be successful is a question of time; additionally, your wallet app could support multiple of these DID methods. Second, DID and the corresponding keys are supposed to be owned by the user or managed by a platform; any individual can make the choice whether he wants the convenience of managed keys or full privacy under his own control. Third, you can have a separate DID for every service, and they issue you a login credential for that particular service.
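An earlier comment in this thread singles out the "web" and "key" methods. The following is an added example, not part of the thread or of any DID library: it shows where a verifier obtains the DID document for each of the two, and it refuses any other method rather than guessing. The `locate` function and the sample key are hypothetical; the URL mapping and the Ed25519 multicodec prefix follow the did:web and did:key method specifications.

```python
import re
from urllib.parse import unquote

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
ED25519_PUB = b"\xed\x01"  # multicodec prefix (varint 0xed) for an Ed25519 public key

def b58encode(data: bytes) -> str:
    n, out = int.from_bytes(data, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out

def b58decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)  # ValueError on a non-base58 character
    zeros = len(text) - len(text.lstrip("1"))
    return b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")

def locate(did: str) -> dict:
    """Say where the DID document for `did` comes from, without any network I/O."""
    # Bare DIDs only: '/', '?' and '#' are not legal in a method-specific id.
    m = re.fullmatch(r"did:([a-z0-9]+):([A-Za-z0-9._%:-]+)", did)
    if not m:
        raise ValueError("not a bare DID")
    method, msid = m.groups()
    if method == "web":
        host, *path = msid.split(":")
        host = unquote(host)  # only the port colon is percent-encoded
        if (not re.fullmatch(r"[A-Za-z0-9.-]+(:\d+)?", host)
                or not all(path) or ".." in path):
            raise ValueError("malformed did:web identifier")
        tail = "/".join(path) if path else ".well-known"
        # Trust here rests on DNS and the TLS certificate of `host`.
        return {"method": "web", "fetch": f"https://{host}/{tail}/did.json"}
    if method == "key":
        if not msid.startswith("z"):
            raise ValueError("expected multibase base58btc prefix 'z'")
        raw = b58decode(msid[1:])
        if len(raw) != 34 or raw[:2] != ED25519_PUB:
            raise ValueError("only Ed25519 did:key values are handled here")
        # The key is inlined in the identifier: nothing to fetch, nothing to rotate.
        return {"method": "key", "public_key": raw[2:]}
    raise ValueError(f"no resolver for DID method {method!r}")

# Constructed sample key material (not a real identity).
SAMPLE_KEY = bytes(range(32))
SAMPLE_DID = "did:key:z" + b58encode(ED25519_PUB + SAMPLE_KEY)
```
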



