"High Assurance did:web" for openproof.org
Project Overview
This website demonstrates a method for creating high assurance Decentralized Identifiers (DIDs) by utilizing the current web and DNS and DNSSEC infrastructure. This website demonstrates a straightforward procedure for a verifier to cryptographically authenticate a DID:web using data stored in the DNS and DNSSEC that is independent from the DID document generated by the did:web.
High Assurance did:web:openproof.org
Project Title: "High Assurance did:web"
Project Description: "This is an experimental website to demonstrate high assurance did:web identifiers"
See the API
See the DID doc as a JSON API response
Resolving a high assurance did:web identifier
Access and check for compliance via the Universal Resolver: did:web:openproof.orgUsing a did:web identifier as a Root of Trust
A did:web identifier can also be used as a root of trust or trust anchor to provide high assurance did:web identitifiers for individual users. This is desirable for organizations or institutions wishing to act as a root of trust for their users (members, employees, associates, etc). This is a desireable scaling solution for those who wish to adminsister their own set of high assurance did:web identifiers according to their own governance and policies.In the example, below, the organizations denoted by examplecorp, xyzfoundation and localagency have their own did:web, which is qualified by the root of trust: did:web:openproof.org. You can inspect the did document for each did:web identifier and check for compliance using the Universal Resolver. In these cases, the did document is signed by the root of trust and the verification method for each user is the public key that they have registered with the root of trust.
- did:web:openproof.org:examplecorp
- did:web:openproof.org:xyzfoundation
- did:web:openproof.org:localagency