- From: Dave Longley <dlongley@digitalbazaar.com>
- Date: Mon, 08 Dec 2014 10:06:46 -0500
- To: public-credentials@w3.org
- Message-ID: <5485BE86.40607@digitalbazaar.com>
On 12/08/2014 04:40 AM, Melvin Carvalho wrote: > > > On 8 December 2014 at 04:31, Manu Sporny <msporny@digitalbazaar.com > <mailto:msporny@digitalbazaar.com>> wrote: > > Digital Bazaar has just released a convenience library for > creating and > verifying JSON-LD Signatures in Javascript in the browser and in > node.js: > > https://github.com/digitalbazaar/jsonld-signatures/ > > The package is in npm (and bower): > > https://www.npmjs.org/package/jsonld-signatures > > The software is released under a BSD license (free for use in both > open > source and proprietary systems). > > If you're interested in what the digital signature creation process > looks like, here it is: > > https://github.com/digitalbazaar/jsonld-signatures/blob/master/lib/jsonld-signatures.js#L109 > > and the digital signature verification process: > > https://github.com/digitalbazaar/jsonld-signatures/blob/master/lib/jsonld-signatures.js#L207 > > > Awesome! > > I'm right it only works with RSA keys right now, e.g. not with bitcoin > ECC? > > Slight nit pick: perhaps the graph signature 2012 URL could be a > default option? > > Three things I'd love to see as convenience functions: > > 1. Normalize -- Done > 2. Signing -- Done > 3. Hash content into ID, so that blank nodes can easily be replaced > with a URI (I'd suggest ni:///sha256;<base64urlhash> > > (3) would facilitate (2) more easily, imho, as part of a common 3 step > process > > Thoughts / good idea / bad idea? What would the details of (3) be? What is the "content" that would be hashed? -- Dave Longley CTO Digital Bazaar, Inc. http://digitalbazaar.com
Received on Monday, 8 December 2014 15:07:08 UTC