- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Mon, 7 May 2018 07:06:42 +0200
- To: Kim Hamilton Duffy <kim@learningmachine.com>, Vaneev Bogdan <bogdan@soramitsu.co.jp>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>
- Cc: "W3C Digital Verification CG (Public List)" <public-digital-verification@w3.org>, Mukhutdinov Bulat <bulat.m@soramitsu.co.jp>
IMO canonicalization should be independent of signature algorithm. Anders https://github.com/cyberphone/json-canonicalization#json-canonicalization https://tools.ietf.org/id/draft-erdtman-jose-cleartext-jws-00.html On 2018-05-06 23:08, Kim Hamilton Duffy wrote: > (adding Credentials CG alias) > > Hi Vaneev, > I'll kick off the discussion by answering the parts I know > > > 1) How can I create my modification of Ed25519Signature2018 to support sha3-512 digestAlgorithm? > > I believe this would need to be a new signature suite; the general pattern is to have each suite specify a safe combination of canonicalization/digest/signature algorithms rather than have options within a given suite. > > See section 6 "Signature Suites" of the LD Signatures spec https://w3c-dvcg.github.io/ld-signatures/ > > This community can likely help you get started if that path makes sense. > > > 2) I am aware how digital signatures work and I can’t really understand what should be signed, if data is represented as json-ld. What algorithm is used to represent json-ld document as bytes before signing? > > RDF dataset normalization (canonicalization) described here (http://json-ld.github.io/normalization/spec/) allows a deterministic representation before signing and verifying (with the "signature" section removed in the latter case). > > Each signature suite specifies its precise canonicalization algorithm but I realize that I don't have references as to the differences (this would be useful). Some examples you'll see in the suites and code are URGNA2012, URDNA2015, GCA2015. > > In any case, you'll likely be able to reuse an existing LD signature/verification library that will take care of those details for you. > > There are several reference implementations and tools you can use to get started, e.g.: > - https://github.com/digitalbazaar/jsonld.js > - https://json-ld.org/playground/ > > And many more; let us know if you're looking for specific language support. > > This is emphasizing that we need a good cleanup of our docs (indexing, updating links, etC). We have a couple of github issuances tracking this, but for now let us know if you need pointers. > > Thanks, > Kim > > On Sun, May 6, 2018 at 11:49 AM Vaneev Bogdan <bogdan@soramitsu.co.jp <mailto:bogdan@soramitsu.co.jp>> wrote: > > Hello. > > I am following https://w3c-dvcg.github.io/lds-ed25519-2018/ and I see that current cipher suite uses sha512, which is from sha2 family. > > I want to use Ed25519 implementation with SHA3-512, because it is used in https://github.com/hyperledger/iroha and I don’t really know how to modify Ed25519Signature2018 > > And, in general, I don’t understand few things and I would be very thankful, if you point me to related materials and answer these questions: > > 1) How can I create my modification of Ed25519Signature2018 to support sha3-512 digestAlgorithm? > > 2) I am aware how digital signatures work and I can’t really understand what should be signed, if data is represented as json-ld. What algorithm is used to represent json-ld document as bytes before signing? > > 3) This is used to https://w3id.org/security#Ed25519Signature2018 > Refer to parameters, used in Ed25519Signature2018, but this link is broken (there is no Ed25519Signature2018). It was deleted? > > > Thank you for your time. > > Bogdan, > Soramitsu Software Engineer. > > -- > Kim Hamilton Duffy > CTO & Principal Architect Learning Machine > Co-chair W3C Credentials Community Group > 400 Main Street Building E19-732, Cambridge, MA 02139 > > kim@learningmachine.com <mailto:kim@learningmachine.com> | kimhd@mit.edu <mailto:kimhd@mit.edu> > 425-652-0150 | LearningMachine.com >
Received on Monday, 7 May 2018 05:07:23 UTC