- From: Kim Hamilton Duffy <kim@learningmachine.com>
- Date: Mon, 07 May 2018 05:12:48 +0000
- To: Anders Rundgren <anders.rundgren.net@gmail.com>
- Cc: Vaneev Bogdan <bogdan@soramitsu.co.jp>, "W3C Credentials CG (Public List)" <public-credentials@w3.org>, "W3C Digital Verification CG (Public List)" <public-digital-verification@w3.org>, Mukhutdinov Bulat <bulat.m@soramitsu.co.jp>
- Message-ID: <CAB=TY87Wzbdeopwg1G482F-ZTuEpe2VTw4TguW6hbGxekYF7XA@mail.gmail.com>
Yeah that’s the point On Sun, May 6, 2018 at 10:06 PM Anders Rundgren < anders.rundgren.net@gmail.com> wrote: > IMO canonicalization should be independent of signature algorithm. > > Anders > https://github.com/cyberphone/json-canonicalization#json-canonicalization > https://tools.ietf.org/id/draft-erdtman-jose-cleartext-jws-00.html > > On 2018-05-06 23:08, Kim Hamilton Duffy wrote: > > (adding Credentials CG alias) > > > > Hi Vaneev, > > I'll kick off the discussion by answering the parts I know > > > > > 1) How can I create my modification of Ed25519Signature2018 to > support sha3-512 digestAlgorithm? > > > > I believe this would need to be a new signature suite; the general > pattern is to have each suite specify a safe combination of > canonicalization/digest/signature algorithms rather than have options > within a given suite. > > > > See section 6 "Signature Suites" of the LD Signatures spec > https://w3c-dvcg.github.io/ld-signatures/ > > > > This community can likely help you get started if that path makes sense. > > > > > 2) I am aware how digital signatures work and I can’t really > understand what should be signed, if data is represented as json-ld. What > algorithm is used to represent json-ld document as bytes before signing? > > > > RDF dataset normalization (canonicalization) described here ( > http://json-ld.github.io/normalization/spec/) allows a deterministic > representation before signing and verifying (with the "signature" section > removed in the latter case). > > > > Each signature suite specifies its precise canonicalization algorithm > but I realize that I don't have references as to the differences (this > would be useful). Some examples you'll see in the suites and code are > URGNA2012, URDNA2015, GCA2015. > > > > In any case, you'll likely be able to reuse an existing LD > signature/verification library that will take care of those details for you. > > > > There are several reference implementations and tools you can use to get > started, e.g.: > > - https://github.com/digitalbazaar/jsonld.js > > - https://json-ld.org/playground/ > > > > And many more; let us know if you're looking for specific language > support. > > > > This is emphasizing that we need a good cleanup of our docs (indexing, > updating links, etC). We have a couple of github issuances tracking this, > but for now let us know if you need pointers. > > > > Thanks, > > Kim > > > > On Sun, May 6, 2018 at 11:49 AM Vaneev Bogdan <bogdan@soramitsu.co.jp > <mailto:bogdan@soramitsu.co.jp>> wrote: > > > > Hello. > > > > I am following https://w3c-dvcg.github.io/lds-ed25519-2018/ and I > see that current cipher suite uses sha512, which is from sha2 family. > > > > I want to use Ed25519 implementation with SHA3-512, because it is > used in https://github.com/hyperledger/iroha and I don’t really know how > to modify Ed25519Signature2018 > > > > And, in general, I don’t understand few things and I would be very > thankful, if you point me to related materials and answer these questions: > > > > 1) How can I create my modification of Ed25519Signature2018 to > support sha3-512 digestAlgorithm? > > > > 2) I am aware how digital signatures work and I can’t really > understand what should be signed, if data is represented as json-ld. What > algorithm is used to represent json-ld document as bytes before signing? > > > > 3) This is used to https://w3id.org/security#Ed25519Signature2018 > > Refer to parameters, used in Ed25519Signature2018, but this link is > broken (there is no Ed25519Signature2018). It was deleted? > > > > > > Thank you for your time. > > > > Bogdan, > > Soramitsu Software Engineer. > > > > -- > > Kim Hamilton Duffy > > CTO & Principal Architect Learning Machine > > Co-chair W3C Credentials Community Group > > 400 Main Street Building E19-732, Cambridge, MA 02139 > > > > kim@learningmachine.com <mailto:kim@learningmachine.com> | kimhd@mit.edu > <mailto:kimhd@mit.edu> > > 425-652-0150 | LearningMachine.com > > > > -- Kim Hamilton Duffy CTO & Principal Architect Learning Machine Co-chair W3C Credentials Community Group 400 Main Street Building E19-732, Cambridge, MA 02139 kim@learningmachine.com | kimhd@mit.edu 425-652-0150 | LearningMachine.com
Received on Monday, 7 May 2018 05:13:30 UTC