- From: Nikos Fotiou <fotiou@aueb.gr>
- Date: Thu, 6 Jan 2022 01:34:28 +0200
- To: <public-credentials@w3.org>
- Message-ID: <004d01d8028c$c870eaf0$5952c0d0$@aueb.gr>
Hi, We are developing a project demo where a user generates JSON Web Signatures and these signatures can be verified using information associated with a "did:web" DID. In theory, the verification process is straightforward: the "verifier" retrieves the corresponding DID document (we are using universal resolver for that) and it extracts the appropriate "verificationMethod", indicated by the "authentication" claim. However, when it comes to the actual implementation, it turns out that there are many ways to represent a key in a DID document, but our crypto library (used for verifying signatures) accepts only a couple of them. So initially, we started by creating a big "if" that converted various "verificationMethod" types to the appropriate representation. Soon we abandoned this approach and we enforced project members to use only "publicKeyJwk" in DID documents, which is OK for a demo but not for a real world product. IMHO it will be great if each DID method enforces particular representations. It makes development and integration much more easier. Best, Nikos Nikos Fotiou - <http://pages.cs.aueb.gr/~fotiou> http://pages.cs.aueb.gr/~fotiou Researcher - Mobile Multimedia Laboratory Athens University of Economics and Business <https://mm.aueb.gr> https://mm.aueb.gr
Attachments
- application/pkcs7-signature attachment: smime.p7s
Received on Wednesday, 5 January 2022 23:34:44 UTC