Re: Future-proofing VCs via multiple signatures

On 1/17/22 9:20 AM, Leonard Rosenthol wrote:
> The other document that is worth your review is 
> https://www.etsi.org/deliver/etsi_ts/119300_119399/119312/01.02.01_60/ts_119312v010201p.pdf
>
> 
- what we loving refer to as the “Algo Paper”, which documents that algorithms
> that are (and are not) supported for use by ETSI compliant processors.
> This includes hashing, crypto, signature, etc.

Thank you, Leonard, super helpful!

I'll note that they list these groups in their Liaison section (a good thing!):

* W3C Credentials Community Group (active) – DID
* W3C Verifiable Credentials Working Group (in maintenance
  mode) – Verifiable Credentials

... but don't mention the DID WG, which is a bit strange, but they do mention
CCG, which is broader. I suggest they add the DID WG as a Liaison since it's
the official group in charge of DIDs (in addition to CCG).

The "Algo Paper" seems quite conservative... it doesn't even mention EdDSA and
chooses to stay w/ the older (15-20+ years old) X.9/NIST standards -- RSA and
ECDSA.

Even NIST, known for moving at a glacial pace wrt. cryptography, has included
EdDSA in their latest draft of supported algorithms[1].

I guess if we want to push the envelope wrt. cryptographic algorithms, ETSI is
definitely not the place to do it. :)

-- manu

[1]https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5-draft.pdf

-- 
Manu Sporny - https://www.linkedin.com/in/manusporny/
Founder/CEO - Digital Bazaar, Inc.
News: Digital Bazaar Announces New Case Studies (2021)
https://www.digitalbazaar.com/

Received on Monday, 17 January 2022 15:13:31 UTC