[jceb81]

Here's the link: https://www.microsoft.com/en-us/security/business/solutions/...

I haven't used their implementation yet but Microsoft initiated the did:ion method. I guess they'll support it :-D In general, the idea with DID methods is that you can support many methods without too much effort - for example the Universal Resolver implements already a good bunch: https://dev.uniresolver.io/

However, pointing in the direction of the many DID method implementations, I agree with you that they're confusing. Many people try their hands on implementing a new method. Most of the methods will not amount to much. I recommend focusing on simple methods like did:key or did:web to get started and high throughput methods like did:ion, did:elem, did:orb (all sidetree based) for production. did:ethr is also a good starting point for a public blockchain DID method that doesn't require a transaction to create the DID, i.e. no expenses required. did:ethr is also one of the oldest methods and can easily be used in existing Self-Sovereign Identity software solutions.

[davidgerard]

> https://www.microsoft.com/en-us/security/business/solutions/...

So I went and had a look. There's no specification there that I could see - is there a more specific link I missed?

The white paper was issued in 2018. Is that what there is?

The product is Entra Verified ID - which turns out to be a directory service on Azure. https://docs.microsoft.com/en-us/azure/active-directory/veri...

This appears for all the world like a centralised product marketing itself as "decentralised".

[dwaite]

DID resolution is a security operation and has to be done by a trusted component. The document you get back does not have any additional integrity protection on it, so a resolver that lies will basically let the malicious party impersonate anyone.

The resolution process for DID methods also vary in their processing and storage requirements. Some method implementations may result in gigabytes of local data.

For these and other reasons, I don't believe real-world deployments will resolve more methods than they deem necessary. Of course, that would mean that between implementer networks you have far less portability and interoperability for DIDs.

[cplli]

Ok, I'll have to look more in-depth into the Microsoft link, they link to many more pages including a whitepaper.

Regarding all the blockchain centric DID methods, would someone wanting to validate a DID (eg: did:thecoin:whatever_would_go_here), need to hold a copy of the blockchain? (in a scenario where one doesn't want to be dependent on a third party for blockchain interactions).

[miohtama]

For most of blockchains you can do light client validation without the full chain (or full node). Light client needs to only know the block headers to validate a truth.

You can get block headers with very lightweight download work from peer-to-peer network.

https://geth.ethereum.org/docs/interface/les

[Kubuxu]

Depends on the implementation and the blockchain, but for many cases there are ways to make such resolutions provably correct, such that you don't have to hold the copy of blockchain and you don't have to trust that a third party did the resolution correctly.