Univ. Grenoble Alpes, CNRS, Grenoble INP, LIG Univ. Grenoble Alpes, CNRS, Grenoble INP, LIG Univ. Grenoble Alpes, CNRS, Grenoble INP, LIG Huawei Technologies France S.A.S.U. Huawei Technologies France S.A.S.U. This document presents a framework for privacy-preserving identity management based on DNS, supporting large-scale management of users, IoT devices, and AI agents. It introduces Self-Certifying Identifiers (SIDs), User/Service Trustees as trusted proxies, and leverages DNSSEC-secured TXT records to bind public keys to identities. The framework enables privacy-by-design, where real identities are hidden behind trusted entities, through privacy- preserving intermediarie. Credentials bound to SIDs support role- based access control, while ephemeral tokens ensure short-lived authorization. Although initially DNS-dependent, the model can extend to other directories like DIDs or IPFS. This approach aligns with zero-trust architectures and supports automated, AI-driven interactions in future networks.