W3C home > Mailing lists > Public > public-credentials@w3.org > February 2022

VCs expressed as CWTs - Two variants

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Fri, 18 Feb 2022 06:19:03 +0100
Message-ID: <ca7195f3-9807-6991-2f02-2b0f07b8f5df@gmail.com>
To: "W3C Credentials CG (Public List)" <public-credentials@w3.org>
The current way:

https://datatracker.ietf.org/doc/html/rfc8392#appendix-A.3

18([h'a10126', {
   4: h'4173796d6d65747269634543445341323536'
}, h'a70175636f61703a2f2f61732e6578616d706c652e636f6d02656572696b77037818636f61703a2f2f6c696768742e6578616d706c652e636f6d041a5612aeb0051a5610d9f0061a5610d9f007420b71', h'5427c1ff28d23fbad1f29c4c7c6a555e601d6fa29f9179bc3d7438bacaca5acd08c8d4d4f96131680c429a01f85951ecee743a52b9b63632c57209120e1c9e30'])



Using deterministic serialization (NOT to be confused with canonicalization since there is exactly only ONE valid representation), and an enveloped signature:

18({
   1: "coap://as.example.com",
   2: "erikw",
   3: "coap://light.example.com",
   4: 1444064944,
   5: 1443944944,
   6: 1443944944,
   7: h'0b71',
   -1: {
     1: -7,
     3: h'4173796d6d65747269634543445341323536',
     7: h'e1e1a3bda070b586be0e9b95e6e5ccae4bcfb44726aa3f6b5e7bbc81d2193f439b6c6b84962c27eb4796e17dd6ecd028026a8e351bed3f9be95c96447e3fd262'
   }
})

Although not shown here, the signature scheme I have used follows the model for expressing Ed25519 and Ed448 algorithms as featured in FIDO and PKIX, which differs from COSE.

Anders

You may try it out on-line but the tag as shown above must currently be added afterwards.  IMO, object identifying tags should eventually be signed as well:
https://test.webpki.org/csf-lab/home
Received on Friday, 18 February 2022 05:19:19 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:25:28 UTC