W3C home > Mailing lists > Public > public-credentials@w3.org > March 2021

Re: How to verify the did:key document is authorized by the private key holder ... JWS?

From: Stefan More <stefan.more@iaik.tugraz.at>
Date: Fri, 19 Mar 2021 01:24:07 +0100
To: Credentials Community Group <public-credentials@w3.org>
Message-ID: <AA617940-4832-4EF2-A7E1-F0C0399CA8CD@iaik.tugraz.at>
Hi all,

according to the linked specs the DID document of a DID:key is derived/expanded directly from the DID, in contrast to other DID methods which generated the DID document separately and might store it, e.g. on a DL.

Thus, there is no need to sign the DID doc by design. Or am I missing something?


Am 18. März 2021 22:46:11 MEZ schrieb Brent Shambaugh <brent.shambaugh@gmail.com>:
>Dear all,
>Even though I haven't seen this in entirety written down, here is what
>A public key may be converted to a did:key. The did:key expands to a
>document [1]. Presumably,this did document needs to be signed by a
>key (corresponding to the public key) producing a JSON Web Signature.
>ensures that the did:key and document are authorized to be created by
>holder of the key pair.
>Here are a few JWS instances I found or turned up in discussion [2]
>Thanks for your time.
>[1] https://w3c-ccg.github.io/did-method-key/
>-Brent Shambaugh
>GitHub: https://github.com/bshambaugh
>Website: http://bshambaugh.org/
>LinkedIN: https://www.linkedin.com/in/brent-shambaugh-9b91259
>Skype: brent.shambaugh
>Twitter: https://twitter.com/Brent_Shambaugh
>WebID: http://bshambaugh.org/foaf.rdf#me

Sent from my mobile. Please excuse the brevity, spelling and punctuation.
Received on Friday, 19 March 2021 00:25:52 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:25:11 UTC