Decentralized Identifiers (DIDs) are central to Self-Sovereign Identity (SSI) systems, enabling individuals to control their digital identities without relying on centralized authorities. However, the proliferation of diverse DID methods has resulted in a fragmented ecosystem where seamless identity migration—referred to as DID portability—remains a significant challenge. In this paper, we propose a formal definition for DID portability and refine existing requirements into three fundamental criteria that capture its essential aspects. We assess major DID methods in the industry against these criteria and present a comparative analysis of two approaches to enabling portability. The first approach, already demonstrated in industry, updates the DID Document by embedding explicit cross-references that directly link legacy identifiers to their successors. The second approach introduces DID Rotation Credentials, which cryptographically bind the old and new DIDs without altering the original DID Document. By evaluating the trade-offs in security, interoperability, and implementation complexity associated with each strategy, our findings offer new insights that help implementers select the solution best suited to their system requirements and operational constraints.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Enabling Portability in Decentralized Identifiers: A Comparison of Two Architectural Approaches

  • Joao Pedro Alonso Almeida,
  • Joao Otavio Cano,
  • Gowri Ramanchandran,
  • George Mulhearn,
  • Paul Ashley,
  • Raja Jurdak,
  • Steven McCown,
  • Jó Ueyama

摘要

Decentralized Identifiers (DIDs) are central to Self-Sovereign Identity (SSI) systems, enabling individuals to control their digital identities without relying on centralized authorities. However, the proliferation of diverse DID methods has resulted in a fragmented ecosystem where seamless identity migration—referred to as DID portability—remains a significant challenge. In this paper, we propose a formal definition for DID portability and refine existing requirements into three fundamental criteria that capture its essential aspects. We assess major DID methods in the industry against these criteria and present a comparative analysis of two approaches to enabling portability. The first approach, already demonstrated in industry, updates the DID Document by embedding explicit cross-references that directly link legacy identifiers to their successors. The second approach introduces DID Rotation Credentials, which cryptographically bind the old and new DIDs without altering the original DID Document. By evaluating the trade-offs in security, interoperability, and implementation complexity associated with each strategy, our findings offer new insights that help implementers select the solution best suited to their system requirements and operational constraints.