Did-core: Clear explanation on how can A DID have more than one controller

Created on 14 Apr 2020 · 4Comments · Source: w3c/did-core

The DID controller is defined as The entity that has the ability to make changes to a DID document. A DID can have more than one controller.

Based on the discussion of previous issues, there are two cases for the relationship between DID controller and DID subject:
Case one, the controller is the subject, for example, people(controller) can create a VC(subject) for themselves to prove the ID information.
Case two, the controller is not the subject, for example, people(controller) might give their pets(subject) or properties a DID.

For case one, which the controller is the subject, how can a subject have more than one controller? In another word, how can a couple of people controller only VC which is supposed for the only one person?

For case two, which the controller is not the subject, is that rational that a brunch of people can control one subject, which is not belonging to a specific person? Especially for the IoT cases, where people give things DIDs, and the ownership of the things might be changed. Is IoT case a reasonable explanation for A DID can have more than one controller.?

editorial pending close question

Source

YueJing95

👍2

Most helpful comment

I propose to add an Appendix (all non-normative text) called "What Does a DID Identify?" that will include diagrams to explain the relationship between DID controllers, DID subjects, and DID documents. It will be relatively short, but this combination of text and diagrams should answer a whole lot of questions that spec readers may have about these three crucial concepts.

This Appendix will also illustrate the concept of multiple DID controllers. However it will not discuss the security implications of that. Rather it should reference that subheading in the Security Considerations section.

@iherman has volunteered to be a sounding board for this Appendix.

talltree on 16 Jun 2020

👍2

All 4 comments

For case one, which the controller is the subject, how can a subject have more than one controller? In another word, how can a couple of people controller only VC which is supposed for the only one person?

This is most common when the same subject has multiple devices. For example, my DID has did#key1 for my mobile device and did#key2 for my laptop. In this case, I possess both devices, they both represent me, and they both have control over the did (assuming verification methods are true).

For case two, which the controller is not the subject, is that rational that a brunch of people can control one subject, which is not belonging to a specific person? Especially for the IoT cases, where people give things DIDs, and the ownership of the things might be changed. Is IoT case a reasonable explanation for A DID can have more than one controller.?

Yes, this is a good example. Another one that I like to think about is in the case where an enterprise has multiple sysadmins who have the "keys to the kingdom". In this case, the company is the subject of the did, but the multiple sys admins are the ones who actually take actions on behalf of the corporation such as rotating keys and updating endpoints.

kdenhartog on 14 Apr 2020

👍2

Related to the latest comments in https://github.com/w3c/did-core/issues/269

jandrieu on 16 Jun 2020

@iherman has volunteered to be a sounding board for this Appendix.

talltree on 16 Jun 2020

👍2

The Appendix discussed in the previous comment is now proposed in issue #373. Of the three proposed Appendixes, Appendix C: Multiple DID Controllers, directly addresses this.

talltree on 18 Aug 2020

Was this page helpful?

0 / 5 - 0 ratings