W3C home > Mailing lists > Public > semantic-web@w3.org > May 2021

Re: Chartering work has started for a Linked Data Signature Working Group @W3C

From: Peter F. Patel-Schneider <pfpschneider@gmail.com>
Date: Wed, 26 May 2021 15:56:36 -0400
To: semantic-web@w3.org
Message-ID: <4f9712e6-ca1b-846c-a257-28195f1e42db@gmail.com>
I'm going to describe what I had done to investigate the first of the claimed 

I cloned https://github.com/digitalbazaar/vc-js and looked through it to see 
what it is.

In README.md there is:

This library is a Javascript (Node.js and browser) implementation of the 
Verifiable Credentials Data Model 1.0 specification (the JWT serialization is 
not currently supported).

So not Linked Data Proofs

In BACKGROUND.md there is

See also (related specs):

* [Verifiable Credentials Data Model](https://w3c.github.io/vc-data-model/)
* [Linked Data Proofs 1.0](https://w3c-ccg.github.io/ld-proofs/)

In README.md there are several occurences of "proof".   These occurences are 
not function names but are instead in JSON-LD examples.  I looked at the 
functions that are related to these examples but, as far as I can see, none of 
the functions there match the descripion of the proof algorithms in 

So where is the implementation of the proof algorithm and the proof 
verification algorithm of https://w3c-ccg.github.io/ld-proofs/#algorithms? It 
should have been trivial to find them.

The pointers that you are now providing appear to be for different code from 
the ones you previously provided.

I cloned https://github.com/digitalbazaar/ed25519-signature-2020.git and 
looked through it. There do not appear to be any references to Linked Data 
Proofs 1.0 in it.

The signing and verification code appear to be a yet different github project.

I cloned https://github.com/digitalbazaar/jsonld-signatures.
There do not appear to be any references to Linked Data Proofs 1.0 in it.
There are sign and verify functions but they appear to have different arguments.

There should be documentation stating something like:

To sign a linked data document in a way consistent with 
https://w3c-ccg.github.io/ld-proofs/#proof-algorithm run
   node lib/jsonld-signatures.js ... document ... key ... id ... date ...
where document is a linked data document, key is a private key, id is an 
identifier for a public/private key pair with key as the private key, and date 
is a UTC date accurate to at least one second.

What I want to be able to do (and do easily) is to sign Example 1 from  
https://w3c-ccg.github.io/ld-proofs/ using my private key and get a signed 
version of the document.


On 5/26/21 1:51 PM, Manu Sporny wrote:
> Peter F. Patel-Schneider wrote:
>> What I would like to see is some code
> This was provided to you here:
> https://lists.w3.org/Archives/Public/semantic-web/2021May/0126.html
> Here are specific instructions that dig into the implementations given above
> and attempt to isolate the parts that you seem to be asking about:
> git clone git@github.com:digitalbazaar/ed25519-signature-2020.git
> npm i
> npm test
> If you want to look at each tests details, you can start here:
> https://github.com/digitalbazaar/ed25519-signature-2020/blob/main/test/Ed25519VerificationKey2020.spec.js
> If you want to look at the signing code, look here:
> https://github.com/digitalbazaar/jsonld-signatures/blob/master/lib/jsonld-signatures.js#L18-L51
> If you want to look at the verification code, look here:
> https://github.com/digitalbazaar/jsonld-signatures/blob/master/lib/jsonld-signatures.js#L78-L109
> Keep in mind that the LDP algorithms are higher-level meta-algorithms where
> implementations might provide additional features/protections that have more
> to do with developer ergonomics than anything else. Also note that part of the
> necessary work of the LDS WG is to update the specification based on
> implementer experience (as noted in the LDP spec).
> -- manu
Received on Wednesday, 26 May 2021 19:56:51 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 26 May 2021 19:56:53 UTC