DIF Newsletter #61

May 2026

DIF Website | DIF Mailing Lists | Meeting Recording Archive

Table of contents

1. Decentralized Identity Foundation News
2. About the Universal Resolver
3. Working Group Updates
4. Upcoming Events
5. Get involved! Join DIF

Decentralized Identity Foundation News

• The big news this month is chaos! Of course, we're referring to the renaming of Vouched's specification contribution for Agentic AI Identity, now renamed KYA-OS (formerly MCP-I). KYA-OS agentic identity can be used for any framework, so we wanted to choose a name that represents its generic applicability across different types of Agentic implementations. Read the full blog here. Version 1.0 of the KYA-OS has entered the 14-day review period before being brought to a vote in the Trusted Agentic AI Working group. Join the regular calls or add comments to the Github Repo.* The big news this month is chaos! Of course, we're referring to the renaming of Vouched's specification contribution for Agentic AI Identity, now renamed KYA-OS (formerly MCP-I). KYA-OS agentic identity can be used for any framework, so we wanted to choose a name that represents its generic applicability across different types of Agentic implementations. Read the full blog here. Version 1.0 of the KYA-OS has entered the 14-day review period before being brought to a vote in the Trusted Agentic AI Working group. Join the regular calls or add comments to the Github Repo.

• Are you using DIDcomm? Together with our new member, Leadpoint System, we are conducting a survey to find out who is using DIDcomm, to create a stronger case for graduating DIDcomm to a larger SDO. (See last month's newsletter for more about the graduation strategy.) Please fill out the survey and pass it to anyone you know who is using DIDcomm.

• DIF: For Humans Only DIF's Steering Committee passed a definitive change to the DIF Charter restricting membership and contributions to humans. "Though diverse, DIF is an organization of diverse humans. Membership is reserved for individual humans and organizational employers of humans. Autonomous AI agents are not allowed to join or contribute to DIF independently". The charter update clarifies that AI should be regarded as potential "inadvertent patent trolls." Until there is a way to validate that AI has not incorporated patented materials into its contribution, DIF policy has officially imposed a strict ban on the use of AI-generated contributions. Humans can use AI as an aid, but all contributions must have an individual who vouches to their conformance to DIF's "IPR" (intellectual property regime).

• Hot Takes this month were hotter than ever! Check out the DIF YouTube Channel for uncensored opinions on how OAuth breaks down in complex AI environments, and what's going on in Agentic Identity in Southeast Asia. Representatives from MOSIP and FIDES discussed VC Adoption and real-world deployments at scale.

• Berlin, Amsterdam, and Geneva are on the calendar! Executive Director Grace Rachmany will be speaking about trusted content at the upcoming EIC in Berlin. Grace will be holding a meet-and-greet with our members so reach out if you'll be in Berlin the week of May 18th. Grace will also be speaking on a panel at the Identity Week Europe, and DIF has a few free tickets, so respond to this e-mail if you'd like to join in Amsterdam on June 9-10.

• For the upcoming "ITU Workshop on "Global interoperability for trust management of digital identity for humans and agents", both Grace and Bumblefudge will be in attendance. If you're part of Study Group 17, or would like to meet with one of us that week, reach out.

About the Universal Resolver

In early May, DIF announced that we may be shutting down the test servers for the DID Universal Resolver. The announcement resulted in two types of responses. A half a dozen people offered technical or financial support. Behind the scenes, other people asked "Is DIF having financial trouble?" (We aren't, but if you want to upgrade to Associate Member, we appreciate it.)

None of the responses indicated that someone needed the Universal Resolver for their ongoing work. On the contrary, several members have spun up their own resolvers, such as the one found at ThisDid.com. Other members told us that when they needed to test their DID method, it took them 10 minutes and a few dollars to simply spin one up themselves. In other words, we aren't sure that the public-facing open-web server is being used for the intended purpose at all, at least not by humans who read our newsletter.

When we started to host the Universal Resolver, costs were approximately $400 per month, and DanubeTech generously provided a staff member to monitor and fine-tune the deployment, as well as to review submissions of new drivers from implementers which wanted to be added. That was years ago.

Over the past 4 months, costs of hosting shot up to surpass $1000 monthly increasing at a rate of $200 per month. Why? We don't know. If nobody on our mailing list said "I need the Universal Resolver", who is using it? Agentic AI? Legacy code someone forgot to turn off? Without someone who is willing to put in 10-20 hours per month to investigate these issues, there's no way to know. What if it just keeps jumping in price by $200 each month, or jumps even faster now that AI Agents are using DIDs?

DanubeTech offered to continue to maintain it, but charge for usage costs. That's an offer that might make sense. If the demand is real, it will make income. If the demand is due to mysterious flukes, the server will wind down anyway. But even if the demand is real, it's unclear that there's a significant income stream.

At this point, a group of DIF Members have volunteered to investigate the situation and potentially take over the maintenance. But the question still remains: whom are we serving? Universal Resolver has never been intended for production. The code is still maintained in our Github repo, and it takes 20 minutes to spin up your own server. If you don't want to do that, there are now other servers you can use.

We have not yet made a final decision about the Universal Resolver, but unless it becomes clear that our members actually need it, it may just be time for it to retire. If you want to get involved in the meetings to discuss this, reach out to ed@identity.foundation. If you are using Universal Resolver on a regular basis, or it's critical, this is your last call to let us know.

Working Group Updates

DIF Members are welcome to join and participate in any working group. Most working groups meet on a weekly basis, and the most active groups have task force meetings that focus on specific work items. All public meetings are recorded and you can find all of the information on our working groups here.

Creator Assertions Working Group

The CAWG meetings have addressed key topics on how to structure different aspects of the ecosystems. The architectural debates going on in the main CAWG group and the tasks forces are lively and active, and this is an ideal time to get involved with this work. Topics under discussion just in the past month include:

• Differentiating between membership credentials and authorization credentials.
• Content verification systems, layered authorities for verifying content, and creating verification where consumers can make choices about what authorities they trust.
• Content Authenticity and Governance (CAG) assertions as a way to provide governing authority backing for specific claims made on digital assets.
• Timestamping mechanisms for verifiable credentials
• Creator consent: asset consent, identity consent, and access and purpose consent.
• Archival quality identifiers which would ensure credentials remain valid and verifiable for extended periods.
• vLEIs (Verifiable Legal Entity Identifiers) and their integration into the CAWG specification. vLEIs are based on ACDC and KERI technology, using LEIs (Legal Entity Identifiers) from the Global Legal Entity Foundation (GLEIF).
• AI agent signatures and legal liability in jurisdictions where machine signatures may not be recognized.
• The need for registries, certification programs, and other formal entities within the ecosystem to provide a complete solution.
• Trade-offs between embedding additional information directly in assets versus using reference-bound registries for verification.
• Gaps in CAWG ecosystem in terms of a conformance regime based in IPTC Provenance summit: MEAN task force (music, entertainment, advertising, and news) made a very definitive statement that C2PA alone is insufficient for the creative community, and that you must implement CAWG and C2PA together to make effective use of C2PA.

👉 Learn more and get involved

Trusted AI Agents Working Group

DIF Welcomes long-time DIF member Damian Glover as the newest Co-Chair of the TAAWG working group! With the WG taking on increasing work items and task forces, this is a welcome reinforcement to our volunteer group of chairs.

This month, the TAAWG Task Forces made progress on reports and use-case documents, all of which are pinned on the respective Slack channels if you'd like to check in or follow along. The KYA-OS task force (formerly MCP-i) has been debating the pros and cons of user stories to prototype and a checklist for V1 of the spec (deferring some of the more complex and experimental features like chained delegations to a future version). The Delegated Authority task force has a working draft of their problem-space report and is divvying up the work of evaluating how well major (in production, at scale) systems measure up against that evaluative framework. Look out soon for a potential version 1.0 of the KYA-OS specification which will be open for review before it goes to the Steering Committee.

The Policy and Governance task force is not holding meetings yet, but several members are working async on multiple documents: a report on how to govern agents through a delegated-authority lens, and a design document towards prototyping a policy-bound, tightly-audited fiduciary agent to delegate to less-trusted agents more safely. Websites of novel startups, security studies, and framework/harness whitepapers continue to be shared and discussed on the Slack channels as well, making TAAWG one of the best places to keep up with the fast-paced world of agentic identity and standards development.

👉 Learn more and get involved

Hospitality and Travel Working Group

The Hospitality and Travel Working group continued to focus on expanding the use cases for the HATPro, making progress on presentation of risk profiles and guide/guidance attributes. The group discussed the need for international string support in JSON schema for HatPro, identifying it as a fundamental issue that needs to be addressed.For JSON/Schema References, the team recommended the following:

• ChatGPT created a referencing mechanism using file/folder (references) based on the GitHub folder structure. The recommended approach is a URL-based mechanism (as specified in the attached document, confirmed by Google Gemini)
• The “Schema Hints” used to specify the references in the PlantUML model have some inconsistent/overlapping ways of specifying the JSON/Schema IDs and the references, which I discovered by manual inspection, the use case being nested references.

Steven Soe (Solutions Architect, AvenHospitality.com) has provided a very workable (experience-based) approach to how HATPro contributors and administrators work with GitHub to add and revise content, resolve issues/bugs, etc. The governance approach is now being reviewed by the working group for integration in the repository. The repository can be viewed here.

👉 Learn more and get involved

DIDComm Working Group

The DIDcomm working group discussed post-quantum resilience. Vinay presented his work on implementing a post-quantum bridge protocol for DIDComm to address security concerns about future quantum computer attacks. He demonstrated how PQBridge protocol allows peers to negotiate and upgrade to post-quantum cryptography through a hybrid approach that maintains compatibility with existing systems. Vinay also shared his development of a blockchain built on top of DIDComm that supports offline operations and aims to provide free global access to DIDs and decentralized communication. Next month's meeting will discuss the official addition of post-quantum support and cryptographic sessions.

👉 Learn more and get involved

DID Methods Working Group

The DID Methods Working Group meeting focused on two main topics: the potential discontinuation of DIF's Universal DID Resolver due to escalating AWS costs, and a deep dive presentation on the did:cid (also known as Archon) method. Grace explained that the Universal Resolver's monthly costs had increased from $600 to $1,100, leading DIF to consider alternatives including potential mergers with other resolvers or private maintenance options. The group discussed the value of maintaining the public service, with Jonathan noting its importance for the DIF recommendation process. The second portion of the meeting featured Christian and David presenting did:cid, a blockchain-based DID method that uses a gatekeeper system to manage document updates across different networks including Bitcoin and HyperSwarm, with the method supporting both agent and asset identities through a decentralized, peer-to-peer architecture. The did:cid method is the fifth DID method to formally request review as a DIF Recommended methodology, following dids ethr, webs, webplus, and webvh.

👉 Learn more and get involved

Identifiers and Discovery Working Group

The DID WebVH Working Group meeting focused on updates to the specification and implementation progress. A new Java binary will be released to Maven Central next week. The group discussed plans for the next version of the specification, including making pre-rotation required and adding post-quantum cryptography support with MLDSA algorithms. The team also explored potential changes to witness keys and discussed use cases for domain-less DID WebVH identifiers, including peer DIDs and multi-tenant wallet scenarios.

👉 Learn more and get involved

Applied Crypto Working Group

The meeting focused on reviewing open issues in the core draft specification and discussing potential changes to the selective disclosure mechanism. Vasilis proposed replacing the current index-based approach with a map structure to indicate which messages are disclosed or undisclosed, which would simplify implementations and reduce the need for validation checks. The team also discussed the importance of finalizing the core draft quickly to enable progress on related features like blind signatures and pseudonyms, particularly in light of upcoming deadlines for European standards and interest from government entities like the Government of British Columbia.

👉 Learn more and get involved

If you are interested in participating in any of the Working Groups highlighted above, or any of DIF's other Working Groups, please click join DIF.

📢 Upcoming Events

European Identity and Cloud Conference (EIC)

DIF will be presenting the topic: Authenticity in the Age of AI: Building a Trust Framework for Digital Content on May 21

📅 May 19-22, 2026
📍 Berlin, Germany
Conference details

ITU Workshop on "Global interoperability for trust management of digital identity for humans and agents"

DIF will be participating in a panel on Agentic Identity

📅 June 2, 2026
📍 Geneva

Event information

Identity Week Europe 2026

DIF will be participating in the panel on verification & authentication

📅 June 9–10, 2026
📍 Amsterdam
Event information

Identiverse 2026

📅 June 15–18, 2026
📍 Las Vegas, NV
Conference details

Berlin Blockchain Week

Be on the lookout for DIF people at cypherpunk and AI events

📅 June 13-21, **2026
📍 Berlin, Germany
Event information

AI for Good (ITU event)

📅 July 7-9, 2026
📍 Geneva
Event information

Dweb Camp

📅 July 8-12, 2026
📍 Alte Hölle, Germany
Event information

GDC 2026

📅 September 1-3, 2026
📍 Geneva
Event information
Tickets
DIF will be supporting applications to speak until the end of June. Tickets for DIF Members are limited, so if you register, we may ask you for more details before approving the application.

Identity Week America

📅 September 2-3, 2026
📍 Washington, DC
Event information

👉Are you a DIF member with news to share? Email us at communication@identity.foundation with details.

🆔 Join DIF!

If you would like to get in touch with us or become a member of the DIF community, please visit our website or follow our channels:

	Follow us on Twitter/X
	Join us on GitHub
	Subscribe on YouTube
🔍	Read the DIF blog

New Member Orientations

If you are new to DIF join us for our upcoming new member orientations. Find more information on DIF’s slack or contact us at community@identity.foundation if you need more information.