Re: Progress on Linked Data Signatures from IETF 98 from Manu Sporny on 2017-05-08 (public-credentials@w3.org from May 2017)

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Mon, 8 May 2017 09:33:42 -0400
To: public-credentials@w3.org
Message-ID: <442bb33e-f70d-358d-a98b-a8765478da0f@digitalbazaar.com>

On 05/08/2017 07:26 AM, Adrian Hope-Bailie wrote:
> Any progress on this?

Yes, I think we have a solution that seems to be drawing no objections
as of today. Here's the gist of the solution:

We re-use a subset of JOSE JWS called the "Unencoded Payload Option"[1].
This approach enables us to:

 * re-use a signature format that has already been approved by IETF,
   and therefore there is no new security review that needs to be done
 * digitally sign JSON
 * digitally sign Linked Data
 * avoid base 64 encodings of the data
 * re-use the same signature format that Verifiable Claims use.

Here's what a signed document looks like in this format:

{
  "@context": ["http://schema.org/", "https://w3id.org/security/v1"],
  "description": "Hello world!",
  "signature": {
    "type": "RsaSignature2017",
    "created": "2017-10-24T05:33:31Z",
    "creator": "https://example.com/jdoe/keys/1",
    "domain": "example.com",
    "nonce": "2839472933428934",
    "signatureValue": "eyiOiJJ0eXAK...EjXkgFWFO"
  }
}

Note the "signatureValue", which is just a regular JWS. The
modifications to the current algorithms are quite simple:

https://w3c-dvcg.github.io/lds-rsa2017/#modification-to-algorithms

There is really only one disadvantage to this approach, and that's that
it needs a normalization algorithm. We have a normalization algorithm
for Linked Data that's been in development since 2012, and it hasn't
changed significantly in the past 5 years. We still do need to do the
final proof of correctness, and it's looking like it's going to be
fairly simple (and thus fairly quick to validate among mathematicians
that specialize in graph theory). The normalization algorithm for JSON
is fairly simple, but that doesn't seem to be high priority for any of
the organizations working in this space.

We floated the updated JWS-based Linked Data Signatures specs out at
Rebooting Web of Trust and came away with 3 interoperable
implementations from BlockCerts/Learning Machine, BigChainDB, and Sovrin
Foundation. So, it's easy to implement and we already have 3
interoperable implementations. We'll be getting the other
implementations up to speed in the coming weeks.

Here are links to the latest specs:

Linked Data Signatures:
https://w3c-dvcg.github.io/ld-signatures/

2017 RSA Signature Suite that uses JWS:
https://w3c-dvcg.github.io/lds-rsa2017/

The Bitcoin/Ethereum signature suites will be updated as the secp256k1
stuff is moved forward at IETF (and those plans seem to be progressing
thanks to Christopher Allen's work in the area).

Any questions, comments, concerns?

-- manu

[1] https://tools.ietf.org/html/rfc7797

-- 
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Rebalancing How the Web is Built
http://manu.sporny.org/2016/rebalancing/

Received on Monday, 8 May 2017 13:34:10 UTC