Re: Proposed work item: did:key DID Method

On 11/23/19 11:57 AM, Orie Steele wrote:
>> I had a question before the spec was available, regarding
>> multibase as the only encoding format for the DID.
>> Is it true that there will always only be a single DID per public 
>> key?

If I understand your question, yes. The way I'm interpreting your
question is "Will there always be a single public key per did:key
identifier?"... yes, but it could have more than one representation...
more below.

>> I was hoping that this work could be extended to support a DID 
>> Document representation for cryptographic key types, as well as 
>> formats, such as PEM / JWK, secp256k1, RSA, etc... but it would be 
>> the case that the same key encoded in different ways would result 
>> in different documents.

Well, remember that because of the way we encode keys in the DID
Document, that you can have multiple key representations per key. This
is completely valid (by design):

  "@context": ["",
  "id": "did:example:123456789abcdefghi",
  "authorization": [{
    "id": "did:example:123456789abcdefghi#keys-2",
    "type": "Ed25519VerificationKey2018",
    "controller": "did:example:pqrstuvwxyz0987654321",
    "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV",
    "publicKeyJwk": {... JWK GOES HERE ...}

... whether the DID WG decides to allow that is still up in the air. An
alternative is that you could pass in a flag to a library to give you
the version of the DID Document that you'd like to see (all keys in JWK
format, or all keys in native non-JWK format).

All options are currently open to us, and yes, I do think what you're
suggesting would be an important consideration for the spec. We should
figure out a way to enable what I think you are suggesting.

-- manu

Manu Sporny (skype: msporny, twitter: manusporny)
Founder/CEO - Digital Bazaar, Inc.
blog: Veres One Decentralized Identifier Blockchain Launches

Received on Sunday, 24 November 2019 01:00:26 UTC