Planning for DIF ID WG

https://github.com/decentralized-identity/identifiers-discovery/blob/main/agenda.md

Are DIDs are considered personal data? [Get latest update from Nacho?]
Peer DIDs are not a GDPR problem..? [Invite DanielH]
Discussion: Can you use anywise DIDs and still be GDPR compliant?
If link between person and identifier is minimized, it's acceptable?
What is n "ephemeral identifier" (see discussion in OIDC SIOP) [DavidCh, NatSa]

DIDs and Personally Identifiable Information

Privacy is one of the pillars of SSI
DIDs and public keys, when used with Verifiable Credentials, become PII
Some DID methods store DIDs and DID Documents on-chain

Meeting goals:

Define when and why DID becomes PII (pseudonym)
Examples of PII (public key, hash of public key, …)
Summarise ways to mitigate the issue (user consent, private settings (blockchain with limited access), zero-knowledge proofs, other ideas?)
What to keep in mind when designing DID methods.

Potential discussion topics

DID method vs DID profile

DID method today, is a generic term describing any DID method or instance/fork of a DID method. However, we could split the DID methods in (at least) two broad categories:

DID method - did:ethr, did:peer, did:web, …
DID method profiles: instance/implementations of DID methods

DID methods should be profiled (TODO: which properties?)

anywise, pair-wise, N-wise
Full DID Document updates, event based (KERI), did document diffs
…

Same DID method, can be implemented in several ways. Such DID methods should be called "DID method profiles". DID method profile should only define:

user authentication (none, oidc/saml, 2fa, …)
identification and identity binding (none, basic, substantial, high)
DID registration (full did documents, diffs, …)
DID resolution
DID storage (distributed, local; blockchain, ipfs, combined, …)
Supported verification methods

Context: KERI in the context of existing DID methods, as opposed to KERI being its own DID method.

DIDs in substantial/high-assurance use cases

DID, blockchain, KERI - importance of knowing the exact last state of the DID Document (so user cannot "hide" the last state)

Resolution of the previous versions of the DID Document - in several cases, I need to know that a given DID key belonged to a specific DID with a certain assurance.

DIDs and identity binding

Some DID methods don't require any identification/authentication.
In these cases, DIDs only be used for authentication with low assurance level.

Syntax	Example	Reference
# Header	Header	基本排版
- Unordered List	Unordered List
1. Ordered List	Ordered List
- [ ] Todo List	Todo List
> Blockquote	Blockquote
Bold font	Bold font
Italics font	Italics font
~~Strikethrough~~	~~Strikethrough~~
19^th^	19^th
H~2~O	H₂O
++Inserted text++	Inserted text
==Marked text==	Marked text
[link text](https:// "title")	Link
![image alt](https:// "title")	Image
`Code`	`Code`	在筆記中貼入程式碼
```javascript var i = 0; ```	`var i = 0;`	在筆記中貼入程式碼
:smile:		Emoji list
{%youtube youtube_id %}	Externals
$L^aT_eX$	L^aT_eX
:::info This is a alert area. :::	This is a alert area.