W3C home > Mailing lists > Public > public-credentials@w3.org > January 2022

Re: Future-proofing VCs via multiple signatures

From: Manu Sporny <msporny@digitalbazaar.com>
Date: Fri, 7 Jan 2022 15:11:01 -0500
To: public-credentials@w3.org
Message-ID: <3770f156-c3b8-3699-9722-0219e1e5d3db@digitalbazaar.com>
On 1/6/22 3:49 PM, Nikos Fotiou wrote:
> Since JWS supports multi signatures, can’t we claim that jwt encoded VCs 
> (kind of) already support this feature?

As David mentioned, no we can't because the VC-JWT implementers chose a
single, detached signature approach:

https://w3c.github.io/vc-data-model/#json-web-token

At present, it is not possible to do multiple signatures using the VC-JWT
approach. This may change in the VCWG 2.0 work if there are a group of people
that are willing to put in the work to take the approach that David mentioned.

I will note that even if that approach is taken, there will be challenges with
nested signatures (base64 bloat and multiply encapsulated base64 messages) and
chained signatures (same base64 bloat problem) with JWT.

I'm not saying some variation of multiple signatures isn't possible with
VC-JWT... just that it is not possible today.

It /is/ possible to do a JsonWebSignature2020 (which is a Data Integrity
cryptosuite) to do multiple signatures today.

-- manu

-- 
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021)
https://www.digitalbazaar.com/
Received on Friday, 7 January 2022 20:11:18 UTC

This archive was generated by hypermail 2.4.0 : Friday, 7 January 2022 20:11:20 UTC