Re: Adding a JSON Web Key to a schema Person?

On Wed, 21 Oct 2020 at 16:00, Manu Sporny <msporny@digitalbazaar.com> wrote:

> On 10/21/20 5:12 AM, Melvin Carvalho wrote:
> > What would be useful would be to add a public key to the JSON for a
> schema Person
>
> Please don't add it directly to a person... that's an anti-pattern that
> leads
> to ambient authority security attacks.
>
> Instead, add it as a relationship that the person has to the key, where the
> person is identifying the key, via a verification relationship,
> effectively:
>
> <_:person> <verificationRelationshipToKey> <publicKey> .
>
> For example, if the person intends to use the key for authentication:
>
> <_:person> <sec:authenticationMethod> <LdSecPublicKey> .
>
> There already exists a vocabulary to do this:
>
> https://w3id.org/security/
>
> ... and is what we're using in the DID WG:
>
> https://w3c.github.io/did-core/#a-simple-example
>
> There are JWK examples in the appendix:
>
>
> https://w3c.github.io/did-core/#example-35-did-document-with-many-different-verification-methods
>
> > I was wondering if there already exists a practical way to do this?
>
> Yes, that is the primary goal of the DID WG, to create this mechanism. So,
> if
> you do anything in schema.org, please align it with what the WG is doing.
> Going another direction (like just listing a bunch of keys associated with
> a
> person) will most likely lead to security vulnerabilities that we've long
> known about.
>
> There is a body of work (Linked Data Proofs/Signatures) that has been
> exploring this space for 8+ years... at a minimum, please align the efforts
> with those approaches. In the end, if you choose not to use DID Documents,
> then the design pattern becomes this:
>
> {
>   "@context": [
>     "https://schema.org",
>     "https://w3id.org/security/v2"
>   ],
>   "id": "https://example.com/#me",
>   "type": "Person",
>   "authentication": {
>     "id": "did:example:123#aOEkw",
>     "type": "JsonWebKey2020",
>     "controller": "https://example.com/#me",
>     "publicKeyJwk": {
>       "kty": "EC"
>       "crv": "P-256",
>       "x": "38M1FDts7Oea7urmseiugGW7tWc3mLpJh6rKe7xINZ8",
>       "y": "nDQW6XZ7b_u2Sy9slofYLlG03sOEoug3I0aAPQ0exs4"
>     }
>   }
> }
>
> The example above is based on years of WG consensus, please don't deviate
> from
> it... or at least, if you plan to, please let us know what you intend to
> do so
> we can try to talk you out of some of the more dangerous pitfalls in this
> area. :)
>

Hi Manu, that looks great, thank you!

Regarding the id "did:example:123#aOEkw"

Would there be a sensible value I could give it for the terms "example",
"123" and "#aOEkw"

In this instance I think the X coordinate would be unique.  Or the X.Y
would also do the job.  For example Martti's iris social network that we
are collaborating with, X.Y is used to be the identity

Example:

https://iris.to/
https://iris.to/#/profile/hyECQHwSo7fgr2MVfPyakvayPeixxsaAWVtZ-vbaiSc.TXIp8MnCtrnW6n2MrYquWPcc-DTmZzMBmc2yaGv9gIU

The network already does identity, timelines and encrypted dhat.  Hopefully
the social net will improve and become interoperable with more things over
time

So, moving toward a robust, extensible data model can be of benefit

Lastly I'll read up on ambient authority attacks, I assume this is relevant
(and confused deputy)

https://en.wikipedia.org/wiki/Ambient_authority

I saw a lecture on macaroons saying why they preferred the capabilities
approach.  I'm more used to the approach of saying "Alice has a public key
P", but open to suggestions.  If you had a pointer or 1-2 sentences
explaining the trade offs, would be much appreciated.


>
> -- manu
>
> --
> Manu Sporny - https://www.linkedin.com/in/manusporny/
> Founder/CEO - Digital Bazaar, Inc.
> blog: Veres One Decentralized Identifier Blockchain Launches
> https://tinyurl.com/veres-one-launches
>
>