W3C home > Mailing lists > Public > public-credentials@w3.org > January 2022

some thought after using did:web

From: Nikos Fotiou <fotiou@aueb.gr>
Date: Thu, 6 Jan 2022 01:34:28 +0200
To: <public-credentials@w3.org>
Message-ID: <004d01d8028c$c870eaf0$5952c0d0$@aueb.gr>

We are developing a project demo where a user generates JSON Web Signatures
and these signatures can be verified using information associated with a
"did:web" DID. In theory, the verification process is straightforward: the
"verifier" retrieves the corresponding DID document (we are using universal
resolver for that) and it extracts the appropriate "verificationMethod",
indicated by the "authentication" claim. 


However, when it comes to the actual implementation, it turns out that there
are many ways to represent a key in a DID document, but our crypto library
(used for verifying signatures) accepts only a couple of them. So initially,
we started by creating a big "if" that converted  various
"verificationMethod" types to the appropriate representation. Soon we
abandoned this approach and we enforced project  members to use only
"publicKeyJwk" in DID documents, which is OK for a demo but not for a real
world product. 


IMHO it will be great if each DID method enforces particular
representations. It makes development and integration much more easier. 





Nikos Fotiou -  <http://pages.cs.aueb.gr/~fotiou>

Researcher - Mobile Multimedia Laboratory

Athens University of Economics and Business

 <https://mm.aueb.gr> https://mm.aueb.gr


Received on Wednesday, 5 January 2022 23:34:44 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 24 March 2022 20:25:28 UTC