Overview#
DID Guardian is an DID Owner who creates and maintains an DID record for a dependent who is not in a position to hold or control the necessary cryptographic keys (e.g., a parent creating an identity record for a child).In this case, there are no DID Owner keys to represent the ultimate identity owner. So the DDO needs to assert the identity of the DID Guardian. The rules for a DID Guardian are:
- A DDO that includes an DID Owner MAY have a guardian.
- A DDO that does not include an DID Owner MUST have a DID Guardian.
- The key for this property MUST be DID Guardian.
- The value of this key MUST be a valid DID.
- The guardian DID MUST resolve to a DDO that has an DID Owner property, i.e. DID Guardian relationships MUST NOT be nested.
