w3c-ccg / did-spec

Please see README.md for latest version being developed by W3C DID WG.
https://w3c.github.io/did-core/

[DID Subject] Clarification: What is the term for a Person or Organization that doesn't have a DID Document stored on the VDR? #174

Closed mwherman2000 closed 5 years ago

mwherman2000 commented 5 years ago

Context

In the Alice Buys a Car scenario, several Identity Owners are defined by having their DID Documents stored in the Verifiable Data Registry (VDR). In addition, they are defined to have either a Governance Authority role (e.g. Sovrin Steward) or Trust Anchor role (e.g. Government, Faber College, Trust Bank, and Acme Corp).

However, while Alice is part of several DID pair-wise connections and participates in several Indy/SSI-based business processes involving the Trust Anchors, Alice herself never has: a) a personal DID Document stored on the VDR, or b) a personal DID created in her wallet or elsewhere.

Questions

  1. What is Alice from a terminology perspective? ...that is, when a Person is part of a DID pair-wise connection but they themselves do not have a personal DID Document stored in the VDR or a personal DID created in their wallet or elsewhere?
    • Is Alice a DID Subject? (possibly)
    • Is Alice an Identity Owner? (I think not - a personal DID is never created for her)
  2. Based on the answer to question 1, is the top part of the following diagram correct? If not, what needs to be changed?

image

More Context

image

CC: @talltree

mwherman2000 commented 5 years ago

Another way to ask this question is:

If not, what term should be used to describe this type of Person, Organization, etc.?

talltree commented 5 years ago

Yes, per my answer in another issue, if a participant in a DID pairwise pseudonymous connection is identified by a DID, that person is a DID Subject in that context.

mwherman2000 commented 5 years ago

In this scenario, Alice is not identified by a DID (other than being a participant in a DID pair-wise connection).

Back to my original question @talltree: What [do we call] Alice from a terminology perspective? What term do we use?

For now, I'll just call her an Actor...

image

talltree commented 5 years ago

@mwherman2000 Every participant in a "DID pairwise connection" is identified by a DID. And is thus a DID Subject.

mwherman2000 commented 5 years ago

> Every participant in a "DID pairwise connection" is identified by a DID. And is thus a DID Subject.

@talltree This is not precisely true.

To be precise, from a technical perspective, a Person in a pair-wise connection isn't required to have a "personal" DID. The pair-wise connection has a DID but it's not a DID for the person themselves alone.

Again, if Alice is only a participant in a DID pairwise connection but doesn't have a DID for themselves alone, are they a DID Subject? If not, what label/term do we use for Alice?

Reference: https://github.com/mwherman2000/indy-dev/blob/master/python/getting_started-verbose.py#L828-L844

talltree commented 5 years ago

Ah, I finally see the disconnect here. What you are calling a "pairwise connection" does not have a single DID. Rather it is a pair of DIDs, one for each party identifying the other party. So if Alice and Bob have a pairwise connection, Alice assigns a DID (and a key pair) to Bob, and Bob assigns a DID (and a key pair) to Alice.

So they are both DID Subjects of each other's pairwise pseudonymous DIDs.

Note that this is true even if Alice and Bob decide to create a Group in which they are the first two members. In that case, one of them creates a DID (and a key pair) for the Group (and thereby becomes the Group admin). The Group is the DID Subject of that DID. Then both Alice and Bob create pairwise pseudonymous DIDs with the Group. Alice is the DID Subject of the DID the Group assigns to Alice, and Bob is the DID Subject of the DID the Group assigns to Bob. And the Group is the DID Subject of the DIDs that both Alice and Bob assign to the Group.
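
The relationships described in the comment above, modelled as an added example that is not part of the original thread or of any Sovrin/Indy code. The `Party` class, the helper names and the random `did:example:` identifiers are assumptions made for illustration, and the key pair that accompanies each DID is left out.

```python
import secrets
from dataclasses import dataclass, field


@dataclass
class Party:
    name: str
    # DIDs this party has assigned, mapped to the DID Subject each one identifies.
    assigned: dict = field(default_factory=dict)

    def assign_did(self, subject: "Party") -> str:
        # Constructed did:example identifier (hypothetical). The key pair that
        # goes with each DID in the description above is omitted from this model.
        did = "did:example:" + secrets.token_hex(8)
        self.assigned[did] = subject.name
        return did


def connect(a: Party, b: Party) -> tuple:
    """A pairwise connection is a pair of DIDs, one assigned by each party."""
    return a.assign_did(b), b.assign_did(a)


def subject_of(did: str, parties: list):
    """Return the DID Subject of `did`, or None if no party assigned it."""
    for p in parties:
        if did in p.assigned:
            return p.assigned[did]
    return None


def dids_identifying(name: str, parties: list) -> list:
    """List (assigning party, DID) for every DID whose subject is `name`."""
    return [(p.name, d) for p in parties
            for d, s in p.assigned.items() if s == name]


def build_scenario():
    alice, bob, group = Party("Alice"), Party("Bob"), Party("Group")
    parties = [alice, bob, group]
    connect(alice, bob)                  # Alice <-> Bob pairwise connection
    group_did = alice.assign_did(group)  # Alice creates the Group's DID (admin)
    connect(alice, group)                # Alice <-> Group pairwise connection
    connect(bob, group)                  # Bob <-> Group pairwise connection
    return parties, group_did


if __name__ == "__main__":
    parties, _ = build_scenario()
    for who in ("Alice", "Bob", "Group"):
        print(who, "is the DID Subject of", dids_identifying(who, parties))
```

Alice ends up as the DID Subject of two different DIDs, one held by Bob and one by the Group, without any single "personal" DID existing for her.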

mwherman2000 commented 5 years ago

Where should/is the above Group concept documented @talltree? ...in the did-spec?

talltree commented 5 years ago

@mwherman2000 No, it's not a DID spec topic. It's a discussion that happened in the Sovrin Governance Framework Working Group around the Sovrin Glossary as we defined the term "Group".

The modeling of groups and organizations with DIDs and verifiable credentials is actually quite a deep and rich topic that deserves a paper of its own (or a book).

mwherman2000 commented 5 years ago

Thank you @talltree for persevering through all this. [I think I'm still looking for a label/term to describe Alice :-) ..I'll just call her an Actor for now.]

Here's an updated version of the Alice Buys a Car roles and actors viewpoint: ...it got a bit more complicated because the model now:

image

kdrahmani commented 5 years ago

Whether Alice is acting voluntarily or not in these scenarios, she is currently a potentially identifiable undocumented actor.