- From: Dave Longley <dlongley@digitalbazaar.com>
- Date: Wed, 3 Jun 2020 10:10:14 -0400
- To: Nikos Fotiou <fotiou@aueb.gr>, public-credentials@w3.org
On 6/2/20 10:23 PM, Nikos Fotiou wrote:
> Hi all,
> I am experimenting with json-ld signatures, using digital bazaar's library
> https://github.com/digitalbazaar/jsonld-signatures
>
> I notice when this algorithm is used Ed25519VerificationKey2018 the library
> crates a jwt with the following header:
> header = {
> "alg": "EdDSA",
> "b64": False,
> "crit": ["b64"]
> }
> I am struggling to understand what is this header and why is there. Anybody?
The signature value for Ed25519Signature2018 is a detached JWS on an
unencoded payload (no base64 encoding applied). Since the value is a
JWS, this includes a header -- and since it is an EdDSA signature over
an unencoded payload, the above parameters are expressed.
See: https://tools.ietf.org/html/rfc7797#page-7
An effort was made with the Ed25519Signature2018 and RsaSignature2018
signature suites to get more alignment with JWS -- and expressing the
signature value as a JWS in this manner is the outcome of that.
--
Dave Longley
CTO
Digital Bazaar, Inc.
Received on Wednesday, 3 June 2020 14:10:35 UTC