Re: DID Web, OpenSSL and Certificate Authorities

From: Wayne Chang <wayne@spruceid.com>
Date: Thu, 17 Feb 2022 18:04:59 -0700
Message-ID: <CAFTzAXjUUrphQcecGqz9_yifsbxYvCEuDCZkntpvo8+enpZjEQ@mail.gmail.com>
To: David Chadwick <d.w.chadwick@verifiablecredentials.info>
Cc: Orie Steele <orie@transmute.industries>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>

Registering this at IANA would be really interesting.

https://www.iana.org/assignments/well-known-uris/well-known-uris.xhtml

Seeing Tor and Kantara on this list gives me hope for vc-issuer.json!
Thanks for clarifying the approach David, very cool stuff.

On Thu, Feb 17, 2022 at 10:50 AM David Chadwick <
d.w.chadwick@verifiablecredentials.info> wrote:

> On 17/02/2022 17:34, Orie Steele wrote:
>
> interesting...
>
> > https://<DV DN>/.well-known/vc-issuer.json
>
> This is not standard AFAIK... but would be assuming IANA accepts your
> recommendation, and VCDM 2.0 helps pour concrete around it.
>
> I have not asked IANA yet. It would be better if the CCG or VCWG made the
> request rather than an individual, although I am happy to do the work if
> authorised (as I did for the vc and vp claims).
>
> Kind regards
>
> David
>
>
> > > The JWT open source library we use uses X.509 PKCs to validate JWT VC
> signatures.
>
> I have seen some evidence of support for this:
>
> - https://gist.github.com/monmohan/d08d41c856a54d7e7619f8fba8afdf44
> - https://gist.github.com/jasonk000/26f987681b56fe34c235248c980b5c2e
>
> But it has not been clear how "standard" built-in support is.
>
> The approach I took aligns with the links above, but again, the ca chain
> verification is NOT handled consistently across implementations of JOSE as
> far as I can tell.
>
> Thanks for your replies again.
>
> OS
>
> On Thu, Feb 17, 2022 at 11:29 AM David Chadwick <
> d.w.chadwick@verifiablecredentials.info> wrote:
>
>> On 17/02/2022 16:55, Orie Steele wrote:
>>
>> @David Chadwick <d.w.chadwick@verifiablecredentials.info>
>>
>> AFAIK, JOSE does not support "DV X.509 PKCs" out of the box.
>>
>> So recommending removing DIDs does not actually do anything to address
>> the question... the problem remains:
>>
>> How do I verify that a JWT was signed by a key in a CA chain (regardless
>> of how you discover that key, in other words, with or without DIDs).
>>
>> We use an issuer URI of https://<DV DN>
>>
>> The cert with this DN should be in the CA chain.
>> For PKC discovery, we publish the issuer's metadata at a well-known URL.
>> We will ask IANA to register the well-known name, such as “vc-issuer.json”.
>> Verifiers will append this to the URL contained in the issuer property of
>> the issued VCs e.g. https://<DV DN>/.well-known/vc-issuer.json to obtain
>> all the meta-data about the issuer including the DV PKC or a complete CA
>> chain from a trusted root CA.
>>
>>
>> Perhaps you care to provide a complete working example of "DV X.509 PKCs"
>> with JWT?
>>
>> this is the Identiproof implementation (https://identiproof.io)
>>
>>
>> Obviously this is trivial if I am just sticking to openssl commands, the
>> point of the question was to explain how to do this with JOSE / JWT.
>>
>> The JWT open source library we use uses X.509 PKCs to validate JWT VC
>> signatures. We did not really need to do much in our code to create and
>> validate JWTs.
>>
>> Kind regards
>>
>> David
>>
>>
>>
>> And the assumption was that it would be valuable to the VCDM regardless
>> of the format of the issuer field (DID or no DID).
>>
>> Regards,
>>
>> OS
>>
>>
>> On Thu, Feb 17, 2022 at 10:41 AM David Chadwick <
>> d.w.chadwick@verifiablecredentials.info> wrote:
>>
>>> On 17/02/2022 14:33, Orie Steele wrote:
>>>
>>> Hey Folks,
>>>
>>> What is the best way to combine DIDs with Certificate Authorities?
>>>
>>> Get rid of DIDs and let the issuer use DV X.509 PKCs :-)
>>>
>>> Kind regards
>>>
>>> David
>>>
>>>
>>> The use case is simple: As a verifier, I want to know that a credential
>>> was issued from a public key that is in a certificate chain I trust.
>>>
>>> When I verify this credential, I not only check its signature, but I can
>>> also check the CA chain from the key that signed it back to the root.
>>>
>>> @Mike Prorock <mprorock@mesur.io> and I have been working on a
>>> simple example of this using DID Web, but I think it generalizes to any DID
>>> Method that supports `publicKeyJwk` and `x5c`.
>>>
>>> https://github.com/transmute-industries/openssl-did-web-tutorial
>>>
>>> In this example, we generate a root ca, an intermediate ca, and 3
>>> child ca's all using P-384 and OpenSSL.
>>>
>>> We then generate a DID Web DID Document from the public keys for the 3
>>> children, and encode the ca chain from them back to the root using `x5c`.
>>>
>>> We then issue a JWT from the private key for 1 of them.
>>>
>>> We then verify the JWT signature using the public key.
>>>
>>> We then check the x5c using openssl to confirm the certificate chain.
>>>
>>> My questions are:
>>>
>>> 1. Is it possible to use JOSE to automate this further?
>>> 2. Is there a better way of accomplishing this?
>>> 3. Should the CA chain be pushed into the JWT?
>>>
>>> Regards,
>>>
>>> OS
>>>
>>> --
>>> *ORIE STEELE*
>>> Chief Technical Officer
>>> www.transmute.industries
>>>
>>> <https://www.transmute.industries>
Received on Friday, 18 February 2022 01:05:24 UTC
