W3C home > Mailing lists > Public > public-credentials@w3.org > March 2021

How to verify the did:key document is authorized by the private key holder ... JWS?

From: Brent Shambaugh <brent.shambaugh@gmail.com>
Date: Thu, 18 Mar 2021 16:46:11 -0500
Message-ID: <CACvcBVoQ+_DGmLmEZfj6DbT7aSv6T41VWrPyMc5nE-0q7SGgYA@mail.gmail.com>
To: Credentials Community Group <public-credentials@w3.org>
Dear all,

Even though I haven't seen this in entirety written down, here is what I
think:

A public key may be converted to a did:key. The did:key expands to a did
document [1]. Presumably,this did document needs to be signed by a private
key (corresponding to the public key) producing a JSON Web Signature. This
ensures that the did:key and document are authorized to be created by the
holder of the key pair.

Here are a few JWS instances I found or turned up in discussion [2]

Thanks for your time.


[1] https://w3c-ccg.github.io/did-method-key/

[2]
https://github.com/transmute-industries/did-key.js/blob/master/packages/did-key-common/src/Jws/index.ts#L4
https://github.com/decentralized-identity/did-jwt/blob/master/src/JWT.ts#L175

-Brent Shambaugh

GitHub: https://github.com/bshambaugh
Website: http://bshambaugh.org/
LinkedIN: https://www.linkedin.com/in/brent-shambaugh-9b91259
Skype: brent.shambaugh
Twitter: https://twitter.com/Brent_Shambaugh
WebID: http://bshambaugh.org/foaf.rdf#me
Received on Thursday, 18 March 2021 21:46:35 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 18 March 2021 21:46:36 UTC