W3C home > Mailing lists > Public > public-credentials@w3.org > April 2017

Re: RWoT topic - Blockcerts and OBI signature alignment

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Thu, 13 Apr 2017 19:25:35 +0200
To: Manu Sporny <msporny@digitalbazaar.com>, public-credentials@w3.org
Message-ID: <c0117c23-24a7-f64c-260d-39c48566f82d@gmail.com>
On 2017-04-13 19:00, Manu Sporny wrote:
> On 04/12/2017 08:51 PM, Kim Hamilton wrote:
>> It might make sense to roll this into the existing Signature Format
>> Alignment topic, in which case the Blockcerts scenario can serve as
>> a case study.
>
> Great paper, Kim. Yes, please, let's fold it into the Signature Format
> Alignment discussion. We have lots to talk about at RWoT4 next week in
> Paris.

Talking about signature format alignment you may be interested in a renewed
effort making clear text JSON/JavaScript signatures more "JOSE-compliant".
It is just one page which also holds a signature validator:

https://cyberphone.github.io/doc/research/jwa.jwk.es6-signature.html

Using detached JWS signatures as have been suggested seems to me like a pretty
odd solution.  Either you have a canonicalization method that works (and apply
that to all data), or you don't.  I haven't found a single problem with creating
signature containers, while accessing crypto has been anything but easy.  Node.js
for example, use PEM-files (!) for key material which requires ASN.1 decode/encode
to translate it back and forth in JWK format.  Yuck! Therefore I found that reusing
JOSE JWK and JWA (Algorithms) would "combine the best of two worlds" :-)

BTW, signing JSON and signing RDF normalization serve different purposes and do not
combine too well.  In a "pure" JSON-signing scheme like above, the result of RDF
normalization could be provided in a specific element as a hash.

Anders

>
> Looking forward to it!
>
> -- manu
>
Received on Thursday, 13 April 2017 17:26:12 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:36 UTC