Decentralized Identifier (DID)

A Decentralized Identifier (DID) is a W3C standard for a new type of globally unique identifier designed to enable individuals, organisations, and devices to create and control their own digital identities without reliance on a centralised authority. A DID is a URI that resolves to a DID document, which contains public keys, authentication methods, and service endpoints that allow the DID subject to prove control over the identifier and establish secure communication channels. DIDs can be anchored on various underlying systems, including blockchains, distributed ledgers, peer-to-peer networks, or even static web resources, depending on the DID method used.

In the eIDAS 2.0 context, the role of DIDs is nuanced. The Architecture Reference Framework does not mandate DIDs as a core component of the EUDIW infrastructure; instead, it focuses on credential formats like SD-JWT and mdoc.

However, DIDs remain relevant in the broader Self-Sovereign Identity (SSI) ecosystem and may be used by certain trust service providers, attribute providers, or wallet implementations for cryptographic key management and entity identification. Some Large-Scale Pilots explore DID-based approaches for specific use cases. The relationship between DIDs and eIDAS is an evolving area: while the regulation is technology-neutral in principle, the implementing acts and ARF have so far favoured more conventional PKI-based trust models.

Organisations building on or integrating with the EUDIW should understand DIDs as part of the wider verifiable credential landscape, even if direct DID usage in the core wallet protocol is limited.