W3C home > Mailing lists > Public > public-credentials@w3.org > May 2018

Re: Ed25519 Signature 2018

From: Kim Hamilton Duffy <kim@learningmachine.com>
Date: Mon, 07 May 2018 05:12:48 +0000
Message-ID: <CAB=TY87Wzbdeopwg1G482F-ZTuEpe2VTw4TguW6hbGxekYF7XA@mail.gmail.com>
To: Anders Rundgren <anders.rundgren.net@gmail.com>
Cc: Vaneev Bogdan <bogdan@soramitsu.co.jp>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>, "W3C Digital Verification CG (Public List)" <public-digital-verification@w3.org>, Mukhutdinov Bulat <bulat.m@soramitsu.co.jp>
Yeah that’s the point
On Sun, May 6, 2018 at 10:06 PM Anders Rundgren <
anders.rundgren.net@gmail.com> wrote:

> IMO canonicalization should be independent of signature algorithm.
>
> Anders
> https://github.com/cyberphone/json-canonicalization#json-canonicalization
> https://tools.ietf.org/id/draft-erdtman-jose-cleartext-jws-00.html
>
> On 2018-05-06 23:08, Kim Hamilton Duffy wrote:
> > (adding Credentials CG alias)
> >
> > Hi Vaneev,
> > I'll kick off the discussion by answering the parts I know
> >
> >  > 1) How can I create my modification of Ed25519Signature2018 to
> support sha3-512 digestAlgorithm?
> >
> > I believe this would need to be a new signature suite; the general
> pattern is to have each suite specify a safe combination of
> canonicalization/digest/signature algorithms rather than have options
> within a given suite.
> >
> > See section 6 "Signature Suites" of the LD Signatures spec
> https://w3c-dvcg.github.io/ld-signatures/
> >
> > This community can likely help you get started if that path makes sense.
> >
> >  > 2) I am aware how digital signatures work and I can’t really
> understand what should be signed, if data is represented as json-ld. What
> algorithm is used to represent json-ld document as bytes before signing?
> >
> > RDF dataset normalization (canonicalization) described here (
> http://json-ld.github.io/normalization/spec/) allows a deterministic
> representation before signing and verifying (with the "signature" section
> removed in the latter case).
> >
> > Each signature suite specifies its precise canonicalization algorithm
> but I realize that I don't have references as to the differences (this
> would be useful). Some examples you'll see in the suites and code are
> URGNA2012, URDNA2015, GCA2015.
> >
> > In any case, you'll likely be able to reuse an existing LD
> signature/verification library that will take care of those details for you.
> >
> > There are several reference implementations and tools you can use to get
> started, e.g.:
> > - https://github.com/digitalbazaar/jsonld.js
> > - https://json-ld.org/playground/
> >
> > And many more; let us know if you're looking for specific language
> support.
> >
> > This is emphasizing that we need a good cleanup of our docs (indexing,
> updating links, etC). We have a couple of github issuances tracking this,
> but for now let us know if you need pointers.
> >
> > Thanks,
> > Kim
> >
> > On Sun, May 6, 2018 at 11:49 AM Vaneev Bogdan <bogdan@soramitsu.co.jp
> <mailto:bogdan@soramitsu.co.jp>> wrote:
> >
> >     Hello.
> >
> >     I am following https://w3c-dvcg.github.io/lds-ed25519-2018/ and I
> see that current cipher suite uses sha512, which is from sha2 family.
> >
> >     I want to use Ed25519 implementation with SHA3-512, because it is
> used in https://github.com/hyperledger/iroha and I don’t really know how
> to modify Ed25519Signature2018
> >
> >     And, in general, I don’t understand few things and I would be very
> thankful, if you point me to related materials and answer these questions:
> >
> >     1) How can I create my modification of Ed25519Signature2018 to
> support sha3-512 digestAlgorithm?
> >
> >     2) I am aware how digital signatures work and I can’t really
> understand what should be signed, if data is represented as json-ld. What
> algorithm is used to represent json-ld document as bytes before signing?
> >
> >     3) This is used to https://w3id.org/security#Ed25519Signature2018
> >     Refer to parameters, used in Ed25519Signature2018, but this link is
> broken (there is no Ed25519Signature2018). It was deleted?
> >
> >
> >     Thank you for your time.
> >
> >     Bogdan,
> >     Soramitsu Software Engineer.
> >
> > --
> > Kim Hamilton Duffy
> > CTO & Principal Architect Learning Machine
> > Co-chair W3C Credentials Community Group
> > 400 Main Street Building E19-732, Cambridge, MA 02139
> >
> > kim@learningmachine.com <mailto:kim@learningmachine.com> | kimhd@mit.edu
> <mailto:kimhd@mit.edu>
> > 425-652-0150 | LearningMachine.com
> >
>
> --
Kim Hamilton Duffy
CTO & Principal Architect Learning Machine
Co-chair W3C Credentials Community Group
400 Main Street Building E19-732, Cambridge, MA 02139

kim@learningmachine.com | kimhd@mit.edu
425-652-0150 | LearningMachine.com
Received on Monday, 7 May 2018 05:13:32 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:47 UTC