The Surprising Outcome of Our Comparison of Two Leading DI Governance Models

Apr 18, 2024 | Privacy & Security

Our Chief Architect, Steve McCown, recently compared two of decentralized identity’s leading governance models—trust registries (from Trust Over IP or ToIP) and trust establishment (from the Decentralized Identity Foundation or DIF)—and published his findings in our latest white paper. 

Skip straight to the white paper, “Comparing Two of Decentralized Identity’s Leading Governance Models.” 

We know that decentralized identity (DI) as a new approach to identity management on the internet offers many benefits over traditional centralized systems, such as greater privacy, increased security, and better fault tolerance. It also offers a novel approach to system governance. 

What Steve describes in his comparison of the two leading government models, trust registries and trust establishment, is that while the two approaches appear to compete with each other, their features and capabilities actually make them rather serendipitous, and users may find them mutually beneficial. 

The trust registry model from ToIP’s Governance Stack Working Group creates a governance framework that guides organizations in creating their own governance model more than specifying exactly what rules and descriptions a governance model must contain. In other words, it is a process for creating a governance model rather than a pre-existing governance model to be applied.  

“Quite often, teams creating DI systems don’t know where to start when defining governance for their systems and the ToIP model is an excellent roadmap,” Steve says. 

While ToIP’s governance framework processes appear best suited for enterprise-level ecosystem efforts, the trust establishment (TE) processes that DIF is creating are intended to be much simpler. According to the Trust Establishment 1.0 document, “This specification describes only the data model of trust documents and is not opinionated on document integrity, format, publication, or discovery.” 

Steve says that rather than presenting a series of processes by which a governance framework can produce a governance model, the DIF specification provides a single “lightweight trust document” that produces a governance data model. 

Since the TE does not require a particular data format, it can be embodied in many formats.  

“In one instance, it can be used through an internet-accessible API as is specified for the ToIP trust registry/governance model solution. However, it is most commonly described as a cryptographically signed and JSON-formatted document that can be downloaded from a website, immutable data source, or a provider’s own service,” Steve says. 

The TE is a newly emerging specification and will likely undergo many enhancements and updates. See the whitepaper for more detail of both models. 

Steve’s comparison of DI governance models is important because enterprises are facing mounting pressure from customers and regulators to rapidly deliver greater security and interoperability in software and services.  

More than 62 per cent of US companies plan to incorporate a decentralized identity (DI) solution into their operations, with 74 per cent likely to do so within a year, according to a recent survey

Read: 7 Benefits to Enterprises from Proactively Adopting Decentralized Identity 

Want more on decentralized identity? 

Learn more about Anonyome Labs decentralized identity offerings 

You May Also Like…