did:web DID method
The Liccium app uses the did:web method to establish trust in issued credentials. It also uniquely identifies the issuer of a verifiable credential, based on their control of a specific web domain.
The did:web method entails storing a DID document at a web location, which can be accessed by anyone through a secure web protocol such as HTTPS. By hosting the DID document on their domain, the issuer can demonstrate control of it.
The DID document contains information about the DID subject, including public keys, authentication methods, and service endpoints. This includes as an assurance that only the subject controls a secure HTTPS webspace.
The keys contained in the did:web document can facilitate secure communication with the subject and simplify verification of their signatures on VCs.
By using did:web for the issuer, we can make use of this established trust framework infrastructure, leverage the reputation and security of a web domain using browser certificates and thereby establish the reputation and security of a did:web.
It is worth noting that although did:web is not yet an official or established W3C standard, it is unlikely to undergo significant changes that would impact its use in Liccium.
Source: did:web Method Specification, 11 January 2023, https://w3c-ccg.github.io/did-method-web/
Last updated