some thought after using did:web

Hi,

We are developing a project demo where a user generates JSON Web Signatures
and these signatures can be verified using information associated with a
"did:web" DID. In theory, the verification process is straightforward: the
"verifier" retrieves the corresponding DID document (we are using the
Universal Resolver for that) and extracts the appropriate
"verificationMethod", indicated by the "authentication" claim.

However, when it comes to the actual implementation, it turns out that there
are many ways to represent a key in a DID document, but our crypto library
(used for verifying signatures) accepts only a couple of them. So initially,
we started by creating a big "if" that converted various
"verificationMethod" types to the appropriate representation. Soon we
abandoned this approach and required project members to use only
"publicKeyJwk" in DID documents, which is OK for a demo but not for a
real-world product.

IMHO it would be great if each DID method enforced particular
representations. It would make development and integration much easier.

Best,

Nikos

Nikos Fotiou - http://pages.cs.aueb.gr/~fotiou
Researcher - Mobile Multimedia Laboratory
Athens University of Economics and Business
https://mm.aueb.gr

Received on Wednesday, 5 January 2022 23:34:44 UTC
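An added example, not part of the original message or of any project's code: one way a verifier could reduce the key representations discussed above to raw key bytes for the methods listed under "authentication", rejecting anything it does not recognise. It assumes Ed25519 keys only and handles "publicKeyJwk", "publicKeyBase58" and "publicKeyMultibase"; the function names, the sample document and its relative "#..." ids are constructed for illustration.

```python
import base64
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
def b58decode(s):
    n = 0
    for ch in s:
        n = n * 58 + B58.index(ch)  # ValueError on a character outside the alphabet
    zeros = len(s) - len(s.lstrip("1"))  # each leading "1" encodes one zero byte
    return b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")

def b58encode(raw):  # only used to build the constructed sample below
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, r = divmod(n, 58)
        out = B58[r] + out
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def ed25519_key_bytes(vm):
    """Raw 32-byte Ed25519 key of one verificationMethod; raises if unsupported."""
    if "publicKeyJwk" in vm:
        jwk = vm["publicKeyJwk"]
        if (jwk.get("kty"), jwk.get("crv")) != ("OKP", "Ed25519"):
            raise ValueError("JWK is not an Ed25519 key")
        raw = base64.urlsafe_b64decode(jwk["x"] + "=" * (-len(jwk["x"]) % 4))
    elif "publicKeyBase58" in vm:
        raw = b58decode(vm["publicKeyBase58"])
    elif "publicKeyMultibase" in vm:
        mb = vm["publicKeyMultibase"]  # "z" = base58btc, then multicodec 0xed 0x01
        raw = b58decode(mb[1:]) if mb.startswith("z") else b""
        if raw[:2] != b"\xed\x01":
            raise ValueError("expected base58btc with the ed25519-pub prefix")
        raw = raw[2:]
    else:
        raise ValueError("unsupported key representation")  # fail closed
    if len(raw) != 32:
        raise ValueError("Ed25519 public key must be 32 bytes")
    return raw

def authentication_keys(doc):
    """Map id -> key bytes for the methods listed under "authentication"."""
    by_id = {m["id"]: m for m in doc.get("verificationMethod", [])}
    entries = (e if isinstance(e, dict) else by_id[e] for e in doc["authentication"])
    return {m["id"]: ed25519_key_bytes(m) for m in entries}

KEY = bytes(range(32))  # constructed sample key, not a real one
SAMPLE_DOC = {"authentication": ["#jwk", "#b58", "#mb"],  # constructed document
    "verificationMethod": [
        {"id": "#jwk", "publicKeyJwk": {"kty": "OKP", "crv": "Ed25519",
                        "x": base64.urlsafe_b64encode(KEY).rstrip(b"=").decode()}},
        {"id": "#b58", "publicKeyBase58": b58encode(KEY)},
        {"id": "#mb", "publicKeyMultibase": "z" + b58encode(b"\xed\x01" + KEY)}]}
```

Calling `authentication_keys(SAMPLE_DOC)` returns the same 32 bytes for all three entries, which can then be handed to whichever single key format the crypto library accepts.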