Re: How to verify the did:key document is authorized by the private key holder ... JWS? from Leonard Rosenthol on 2021-03-18 (public-credentials@w3.org from March 2021)

From: Leonard Rosenthol <lrosenth@adobe.com>
Date: Thu, 18 Mar 2021 22:31:50 +0000
To: Brent Shambaugh <brent.shambaugh@gmail.com>, Credentials Community Group <public-credentials@w3.org>
Message-ID: <EFA3D7C1-D7DD-4B65-B8E6-3567B96131B4@adobe.com>
This is also one of the key use cases for which JAdES (https://portal.etsi.org/webapp/WorkProgram/Report_WorkItem.asp?WKI_ID=52897) is under development at ETSI.   Being able to sign JSON(-LD) data in a way that complies with eIDAS regulations.

Leonard

From: Brent Shambaugh <brent.shambaugh@gmail.com>
Date: Thursday, March 18, 2021 at 5:48 PM
To: Credentials Community Group <public-credentials@w3.org>
Subject: How to verify the did:key document is authorized by the private key holder ... JWS?
Resent-From: <public-credentials@w3.org>
Resent-Date: Thursday, March 18, 2021 at 5:46 PM

Dear all,

Even though I haven't seen this in entirety written down, here is what I think:

A public key may be converted to a did:key. The did:key expands to a did document [1]. Presumably,this did document needs to be signed by a private key (corresponding to the public key) producing a JSON Web Signature. This ensures that the did:key and document are authorized to be created by the holder of the key pair.

Here are a few JWS instances I found or turned up in discussion [2]
Thanks for your time.


[1] https://w3c-ccg.github.io/did-method-key/<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fw3c-ccg.github.io%2Fdid-method-key%2F&data=04%7C01%7Clrosenth%40adobe.com%7C95f25084f48a4390a3c008d8ea57910c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637517009113702774%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=xCBClFq4oeuXLERcfXjBhLt46jgSgeyWRrtef9sHfFM%3D&reserved=0>

[2]
https://github.com/transmute-industries/did-key.js/blob/master/packages/did-key-common/src/Jws/index.ts#L4<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Ftransmute-industries%2Fdid-key.js%2Fblob%2Fmaster%2Fpackages%2Fdid-key-common%2Fsrc%2FJws%2Findex.ts%23L4&data=04%7C01%7Clrosenth%40adobe.com%7C95f25084f48a4390a3c008d8ea57910c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637517009113712725%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=IakDirnLDwqpIB5i1DrYT7hwEeKP6U37Y9sVZApJrO4%3D&reserved=0>
https://github.com/decentralized-identity/did-jwt/blob/master/src/JWT.ts#L175<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fdecentralized-identity%2Fdid-jwt%2Fblob%2Fmaster%2Fsrc%2FJWT.ts%23L175&data=04%7C01%7Clrosenth%40adobe.com%7C95f25084f48a4390a3c008d8ea57910c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637517009113712725%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=ipXAC2nML%2FeCPztzZpIf2BcCVYA2fqF3f8cnDLEDu5Y%3D&reserved=0>
-Brent Shambaugh

GitHub: https://github.com/bshambaugh<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fbshambaugh&data=04%7C01%7Clrosenth%40adobe.com%7C95f25084f48a4390a3c008d8ea57910c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637517009113722677%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=h5uqktXlw7tj1BZQzxrxZBSgM0i7%2FklwkTmM4jNoYZI%3D&reserved=0>
Website: http://bshambaugh.org/<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fbshambaugh.org%2F&data=04%7C01%7Clrosenth%40adobe.com%7C95f25084f48a4390a3c008d8ea57910c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637517009113722677%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=J7ZyuZXt50RW5FFxlgAJljXpHIF9AIvcqKDaTqEGXME%3D&reserved=0>
LinkedIN: https://www.linkedin.com/in/brent-shambaugh-9b91259<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fbrent-shambaugh-9b91259&data=04%7C01%7Clrosenth%40adobe.com%7C95f25084f48a4390a3c008d8ea57910c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637517009113722677%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=ihKkKnh5d%2FaOEbldB7VZE%2FFFQEUExThqeQ8dnEJlr8Y%3D&reserved=0>
Skype: brent.shambaugh
Twitter: https://twitter.com/Brent_Shambaugh<https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftwitter.com%2FBrent_Shambaugh&data=04%7C01%7Clrosenth%40adobe.com%7C95f25084f48a4390a3c008d8ea57910c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637517009113732630%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=OBHAcymJEEW97l2VnodDmqWfLTJNE4ytTf5Ke2qSWRY%3D&reserved=0>
WebID: http://bshambaugh.org/foaf.rdf#me<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fbshambaugh.org%2Ffoaf.rdf%23me&data=04%7C01%7Clrosenth%40adobe.com%7C95f25084f48a4390a3c008d8ea57910c%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637517009113732630%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=7kXKJlK5l8Ayn5E8axsIQwtJ447PJIcSPNPhjrn3OZw%3D&reserved=0>
Received on Thursday, 18 March 2021 22:32:06 UTC