W3C home > Mailing lists > Public > semantic-web@w3.org > May 2021

Re: Chartering work has started for a Linked Data Signature Working Group @W3C

From: Peter F. Patel-Schneider <pfpschneider@gmail.com>
Date: Thu, 27 May 2021 07:00:37 -0400
To: semantic-web@w3.org
Message-ID: <dec1d1b7-787a-7edf-1cbb-7e9345bae906@gmail.com>
On 5/26/21 9:52 PM, Manu Sporny wrote:
 > Peter F. Patel-Schneider wrote:
 >> What I want to be able to do (and do easily) is to sign Example 1 from  
https://w3c-ccg.github.io/ld-proofs/ using my private key and get a signed 
version of the document.
 > I created an artisanal tutorial for you:
 > https://github.com/msporny/pfps-ldp-example/
 > ...with a README containing the instructions you requested above:
 > https://github.com/msporny/pfps-ldp-example/#usage
 > The README contains expected input and output for a "Hello World" example:
 > https://github.com/msporny/pfps-ldp-example/#example-output
 > -- manu

Thanks, that's helpful.

But the code you provide doesn't implement either sign or verify in a way 
consistent with the algorithms in 
https://w3c-ccg.github.io/ld-proofs/#algorithms.  Instead there is a single 
command that uses internal data to simulate an external document and produces 
some logging output.

Nonetheless I ran the code.  The initial output looked promising.  I could see 
in the logging output what appears to be the signed document and a boolean 
result.  So maybe a little bit more programming can result in the first 
implementation of the algorithms in 

But the data in the code doesn't correspond to the document in Example 1.  I 
modified the data accordingly and ran the code again, with the following result:

idefix pfps-ldp-example> node index.js
-------------- UNSIGNED DATA ---------------
   "@context": "https://w3id.org/identity/v1",
   "title": "Hello world!"
(node:36723) UnhandledPromiseRejectionWarning: jsonld.InvalidUrl: 
Dereferencing a URL did not result in a valid JSON-LD object. Possible causes 
are an inaccessible URL perhaps due to a same-origin policy (ensure the server 
uses CORS if you are using client-side JavaScript), too many redirects, a 
non-JSON response, or more than one HTTP Link Header was provided for a remote 
     at ContextResolver._fetchContext 
     at processTicksAndRejections (internal/process/task_queues.js:95:5)
     at async ContextResolver._resolveRemoteContext 
     at async ContextResolver.resolve 
     at async api.process 
     at async api.expand 
     at async Function.jsonld.expand 
     at async Function.jsonld.toRDF 
     at async Function.jsonld.normalize.jsonld.canonize 
     at async Ed25519Signature2020.createVerifyData 
(Use `node --trace-warnings ...` to show where the warning was created)
(node:36723) UnhandledPromiseRejectionWarning: Unhandled promise rejection. 
This error originated either by throwing inside of an async function without a 
catch block, or by rejecting a promise which was not handled with .catch(). To 
terminate the node process on unhandled promise rejection, use the CLI flag 
`--unhandled-rejections=strict` (see 
https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 2)
(node:36723) [DEP0018] DeprecationWarning: Unhandled promise rejections are 
deprecated. In the future, promise rejections that are not handled will 
terminate the Node.js process with a non-zero exit code.

So it looks as if there is problem.  The provided code can't even sign Example 
1.  This looks very bad.

Received on Thursday, 27 May 2021 11:00:52 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 27 May 2021 11:00:54 UTC