- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Wed, 18 Dec 2024 03:57:02 +0100
- To: Snorre Edwin <snorre.edwin@bkey.me>, "public-credentials@w3.org" <public-credentials@w3.org>
On 2024-12-17 14:50, Snorre Edwin wrote:
> Hi all! Im happy to be back in the domain and starting this return to the space with a question! Also using this chance to say hi again!
>
> Im trying to figure out a way to make a minimal signature/VC that can be embedded into a QR code for verifying the content creator.
> The meaning of this is to have the possibility to utilize the powerful DID spec to enable trusted registries pretty simply, and also to potentially to be able to revoke the verification on this.
>
> Have anyone explored this domain in some shape or form.
>
> I know people have talked about CBOR as compression to fit into a QR code, and more digital QR codes as gifs for combining more data into the mix. But this is potentially something that has to be on paper so the last approach does not work.
>
> But the compression and giffable QR codes, might not have to be used it there are directions or attempts in creating a minimal VC/signature?
>
> Would love to hear your thouhgts.
Hi Snorre,
Enveloped Ed25519 signatures using deterministically encoded CBOR should be good combination.
You may try it at: https://test.webpki.org/csf-lab/home
{
1: "Hello signed world!",
2: [2.0, true]
}
After signing:
{
1: "Hello signed world!",
2: [2.0, true],
-1: {
1: -50,
4: {
# COSE public key
1: 1,
-1: 6,
-2: h'fe49acf5b92b6e923594f2e83368f680ac924be93cf533aecaf802e37757f8c9'
},
# Ed25519 signature
6: h'12e12adea444ef4e751f963f2652a033e009d3c7142c08daa62536a52617c4044090585e293187b6961121c7e84eb155ee4db01de7ce8e108ee512c55556dd06'
}
}
Note that this was provided in diagnostic notation; the real solution would use binary and be even more compact.
Anders
Received on Wednesday, 18 December 2024 02:57:12 UTC