!!! Overview[1]
[{$pagename}] ([DDO]) is the index key in a key-value pair, then the DDO is the value to which the index key points. The combination of a DID and its associated DDO forms the root identity record for a [Decentralized Identity].
[{$pagename}] [MUST] be a single [JSON Object] conforming to [RFC 7159]. For purposes of this version of the DID specification, the format of this JSON object is specified in [JSON-LD], a format for mapping JSON data into the RDF semantic graph model as defined by the W3C JSON-LD 1.0 specification. Future versions of this specification MAY specify other semantic graph formats for a DDO such as [JXD] ([JSON XDI] Data), a serialization format for the XDI graph model.
[{$pagename}] follow the following rules:
* Context ([REQUIRED]) - JSON objects in JSON-LD format must include a JSON-LD context statement. The rules for this statement are:
** A DDO MUST have exactly one top-level context statement. This statement MUST be the first line in the JSON object. (This is not strictly necessary under JSON-LD but required for DDOs.) The key for this property MUST be @context.
* Primary DID (Required) - The primary DID is the primary index key for the DDO, i.e., it is DID described by DDO. The rules for a primary DID are:
** A [DDO] [MUST] have exactly one primary [DID].
** The key for this property [MUST] be id.
** The value of this key [MUST] be a valid [DID].
** When this [DDO] is registered with the target [distributed ledger|Distributed Ledger Technology] or network, the registered [DID] [MUST] match this primary [DID] value.
* [DID Guardian] (Required If No Proof of Ownership) - A [DID Guardian] is an identity owner who creates and maintains an identity record for a dependent who is not in a position to hold or control the necessary cryptographic keys (e.g., a parent creating an identity record for a child). In this case, there are no owner keys to represent the ultimate identity owner. So the DDO needs to assert the identity of the guardian. The rules for a guardian are:
** A [DDO] that includes an owner MAY have a guardian.
** A DDO that does not include an owner MUST have a guardian.
** The key for this property MUST be guardian.
** The value of this key MUST be a valid DID.
** The guardian DID MUST resolve to a DDO that has an owner property, i.e., guardian relationships must not be nested.
* [Proof of Ownership] ([REQUIRED] If No DID Guardian)- Proof of Ownership is the mechanism by which an [DID Owner] can use [Cryptography] to prove [Proof of Ownership] of a [DID] and [DDO] by virtue of publishing a set of [Public Key] or verification key descriptions.
The rules for Proof of Ownership are:
** A [DDO] that includes a [DID Guardian] [MAY] have exactly one owner.
** A [DDO] that __does not__ include a guardian [MUST] have exactly one owner.
** The key for this property [MUST] be owner.
** The value of this key [MUST] be an array where each member of the array is a key description of a valid public key or verification key.
*** If this array contains more than one key description, each key description [MUST] include a property with the key id whose value is a DID reference consisting of the primary DID and a DID fragment.
*** This DID reference uniquely identifies this key description.
[{$pagename}] contains a set of key descriptions— machine-readable descriptions of the identity owner’s [Public Keys] and a set of service [endpoints]—resource pointers necessary to initiate trusted interactions with the identity owner. Each [DID] uses a specific [DID] method, defined in a separate [DID] method specification, to define how the [DID] is registered, resolved, updated, and revoked on a specific [Distributed Ledger Technology] or network.
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [DID (Decentralized Identifier) Data Model and Generic Syntax 1.0|https://docs.google.com/document/d/1Z-9jX4PEWtyRFD5fEyyzEnWK_0ir0no1JJLuRu8O9Gs/edit#|target='_blank'] - based on information obtained 2016-12-01-