Decentralized Identifiers 1.0 are now a W3C standard

Overcoming the formal objections of Google, Apple and Mozilla, Tim Berners Lee announced via Ralph Swick “The DID core specification is approved to advance to W3C Recommendation.” The DID Core 1.0 is officially a W3C standard, raising the prospects of decentralized digital credentials and self-sovereign identity.

DID Core was a community effort that began in 2014 with the vision of a new digital identity technology that would be open and interoperable, enabling individuals, small businesses, governments and companies to create interoperable digital identifiers.

“The Decentralized Identifiers (DIDs) defined in this specification are a new type of globally unique identifier,” the new standard reads. “They are designed to enable individuals and organizations to generate their own identifiers using systems they trust.”

The pre-standards work for DID Core was started in 2014, with the DID Core working group starting on September 1, 2019. On January 3, 2020, the working group launched the First Public Working Draft. Over the following year, the working group resolved all raised issues in order to reach consensus and release the Candidate Recommendation for DID Core on March 20, 2021.

The expectation was the candidate recommendation would be voted on without much ado and become a specification in the next three months. The W3C standards process requires community consensus, and the working groups use a process to raise and address all community issues before issuing the candidate recommendation. This means any issues should have been raised (and addressed) inside the WG before reaching candidate recommendation. But what happened next shocked the decentralized identity community.

When it came time to vote on the DID Core recommendation, Apple, Google and Mozilla made formal objections. Since the companies had not raised any of these objectives in the scope of the working and their representatives rarely participated in the working group, this was seen as an abuse of process.

The DID working group went back in session to address the formal objections to no conclusion. When these situations arose in the past, the W3C would normally have had the director make a decision; but in this case, the W3C created a new experimental process to review and address the formal objections. This resulted in more uncertainty, frustration and anger. Many in the community spoke out, wrote posts and articles, and emailed the various W3C groups. If you want the juicy details, I recommend this FAQ.

As someone who has been closely involved in supporting the standardization of decentralized identity technology, I have been realistic. If Google, Mozilla and Apple think their formal objections will stop the forward march of decentralized identity, they are sorely mistaken, and will quickly become part of the problem. Instead, they could innovate and capitalize on this new paradigm.

Decentralized Identifiers, along with Verifiable Credentials and the broader concepts of decentralized identity challenge the existing corporate identity provider as a service business model – which in my opinion have led to many of our data privacy, surveillance capitalism and propaganda manipulation problems. Decentralized identity is a long term trend to correct these unintended consequences of past technologies.

The DID Core standards are the results of many hundreds of people working for almost a decade. Rather than focus on the three late hour formal objections, I would ask you to review any of the 319 issues that were closed and addressed in order to reach a Candidate Recommendation. And let us give a hearty thank you to the community to make this version 1 a reality.

About the author

Heather Vescent is a digital identity industry thought leader and futurist with more than a decade of experience delivering strategic intelligence consulting to governments, corporations and entrepreneurs. Vescent’s research has been covered in the New York Times, CNN, American Banker, CNBC, Fox and the Atlantic. She is co-author of the The Secrets of Spies, The Cyber Attack Survival Manual and The Comprehensive Guide to Self Sovereign Identity.

Article Topics

decentralized ID  |  digital identity  |  self-sovereign identity  |  standards  |  verifiable credentials  |  W3C  |  W3C standards