
Re: Proposed work item: did:key DID Method

From: Melvin Carvalho <melvincarvalho@gmail.com>
Date: Sun, 24 Nov 2019 11:54:06 +0100
Message-ID: <CAKaEYh+wNokD49k6=1ft5fsABXDeX29Yphtai-JgWRsQhxNfuw@mail.gmail.com>
To: Manu Sporny <msporny@digitalbazaar.com>
Cc: W3C Credentials Community Group <public-credentials@w3.org>

On Sun, 24 Nov 2019 at 02:01, Manu Sporny <msporny@digitalbazaar.com> wrote:

> On 11/23/19 11:57 AM, Orie Steele wrote:
> >> I had a question before the spec was available, regarding
> >> multibase as the only encoding format for the DID.
> >>
> >> Is it true that there will always only be a single DID per public
> >> key?
>
> If I understand your question, yes. The way I'm interpreting your
> question is "Will there always be a single public key per did:key
> identifier?"... yes, but it could have more than one representation...
> more below.
>
> >> I was hoping that this work could be extended to support a DID
> >> Document representation for cryptographic key types, as well as
> >> formats, such as PEM / JWK, secp256k1, RSA, etc... but it would be
> >> the case that the same key encoded in different ways would result
> >> in different documents.
>
> Well, remember that because of the way we encode keys in the DID
> Document, that you can have multiple key representations per key. This
> is completely valid (by design):
>
> {
>   "@context": ["https://www.w3.org/ns/did/v1",
>   "id": "did:example:123456789abcdefghi",
>   "authorization": [{
>     "id": "did:example:123456789abcdefghi#keys-2",
>     "type": "Ed25519VerificationKey2018",
>     "controller": "did:example:pqrstuvwxyz0987654321",
>     "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV",
>     "publicKeyJwk": {... JWK GOES HERE ...}
>   }],
>   ...
> }
>

Not to be pedantic, but is there an actual working example of this method?

The above JSON gives syntax errors (even after removing the "..." parts)

I looked at the example in the spec and the above example.  I noticed that
"controller" was defined in the did : core spec [1]

DID controller
The entity, or a group of entities, in control of a DID and/or DID
document. Note that the DID controller might include the DID subject.

When I tried to understand it (and other parts of the example) it pointed
to sec : controller

Which sent me here :

https://web-payments.org/vocabs/security

But controller doesn't seem to be explained anywhere in that document.

I'm possibly doing something wrong, but it wasn't all that easy to
understand the details of this method.

[1] https://www.w3.org/TR/did-core/


>
> ... whether the DID WG decides to allow that is still up in the air. An
> alternative is that you could pass in a flag to a library to give you
> the version of the DID Document that you'd like to see (all keys in JWK
> format, or all keys in native non-JWK format).
>
> All options are currently open to us, and yes, I do think what you're
> suggesting would be an important consideration for the spec. We should
> figure out a way to enable what I think you are suggesting.
>
> -- manu
>
> --
> Manu Sporny (skype: msporny, twitter: manusporny)
> Founder/CEO - Digital Bazaar, Inc.
> blog: Veres One Decentralized Identifier Blockchain Launches
> https://tinyurl.com/veres-one-launches
>
>
>
Received on Sunday, 24 November 2019 10:54:21 UTC
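
Added example (not part of the thread and not code from the DID specification): when a verification method carries both publicKeyBase58 and publicKeyJwk, as the quoted document does, a verifier should confirm that both encodings name the same key before trusting either one. The function names are hypothetical, the sample document is a constructed, syntactically valid variant of the quoted one, its JWK is derived here from the base58 value, and only Ed25519 keys are handled.

```python
import base64
import json

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58decode(s):
    """Decode base58 (Bitcoin alphabet); raises ValueError on a bad character."""
    n = 0
    for ch in s:
        n = n * 58 + B58.index(ch)
    pad = len(s) - len(s.lstrip("1"))  # each leading '1' is one zero byte
    return b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")

def jwk_from_raw(raw):
    """Ed25519 public key as an RFC 8037 JWK (unpadded base64url 'x')."""
    x = base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return {"kty": "OKP", "crv": "Ed25519", "x": x}

def representations_agree(vm):
    """True only if every key encoding present is the same 32-byte key."""
    raws = []
    if "publicKeyBase58" in vm:
        raws.append(b58decode(vm["publicKeyBase58"]))
    jwk = vm.get("publicKeyJwk")
    if jwk is not None:
        if jwk.get("kty") != "OKP" or jwk.get("crv") != "Ed25519":
            return False
        x = jwk.get("x", "")
        raws.append(base64.urlsafe_b64decode(x + "=" * (-len(x) % 4)))
    return bool(raws) and all(len(r) == 32 and r == raws[0] for r in raws)

# Constructed sample: the quoted document with its brackets balanced.
DOC = json.loads("""{
  "@context": ["https://www.w3.org/ns/did/v1"],
  "id": "did:example:123456789abcdefghi",
  "authorization": [{
    "id": "did:example:123456789abcdefghi#keys-2",
    "type": "Ed25519VerificationKey2018",
    "controller": "did:example:pqrstuvwxyz0987654321",
    "publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV"
  }]
}""")
GOOD = dict(DOC["authorization"][0])
GOOD["publicKeyJwk"] = jwk_from_raw(b58decode(GOOD["publicKeyBase58"]))
TAMPERED = dict(GOOD, publicKeyJwk=jwk_from_raw(bytes(32)))  # JWK names another key

if __name__ == "__main__":
    print(representations_agree(GOOD), representations_agree(TAMPERED))
```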
