DID Registration is a technical specification that defines standardized interfaces for creating, updating, and deactivating Decentralized Identifiers (DIDs) across different DID methods. The specification complements the DID Resolution process by establishing a "DID Registrar" component that handles DID lifecycle operations through a common interface.
The specification focuses on the registration and management aspects of DIDs without dictating specific DID method implementations. It provides a method-agnostic approach that allows different DID methods to be supported through a unified interface while maintaining their unique characteristics.
Key features include:
- Three primary operations:
create(), update(), and deactivate()
- Support for different key management modes:
- Internal Secret Mode - Registrar generates and manages keys
- External Secret Mode - Keys managed by external wallet
- Client-managed Secret Mode - Client handles key operations
- Standardized input/output formats for operations
- State management for long-running operations
- Security considerations for key handling
- Extensibility features for advanced use cases
Purpose and Scope:
- Define standard interfaces for DID lifecycle management
- Enable interoperability between different DID methods
- Provide clear separation between registration and resolution processes
- Support various key management approaches
- Maintain security of private keys and sensitive data
Technical Specifications:
JSON-based input/output formats
- State-based operation model with defined states:
finished
failed
action
wait
- Support for verification methods and cryptographic operations
- Standardized data structures for key material
HTTPS binding for remote service deployment
Implementation Requirements:
- TLS 1.2 minimum for secure communications
- Support for multiple key management modes
- Implementation of standard DID operations
- Proper handling of state transitions
- Secure management of cryptographic material
Security Considerations:
- Protection of private keys and sensitive data
- Secure communication channels
- Access control for operations
- Key generation and storage security
- Proper validation of inputs
Interoperability Features:
- Common interface across DID methods
- Standardized data formats
- Method-agnostic operation model
- Support for different key management approaches
- Extensible architecture
Current Adoption:
Implementation examples include:
- DIF Universal Registrar
- Universal Services
- ACA-py
- aries-framework-go
- Veramo
- DIDKit