W3C home > Mailing lists > Public > semantic-web@w3.org > May 2021

Re: Chartering work has started for a Linked Data Signature Working Group @W3C

From: Peter F. Patel-Schneider <pfpschneider@gmail.com>
Date: Thu, 27 May 2021 10:38:40 -0400
To: semantic-web@w3.org
Message-ID: <39ce396c-9fe6-9398-80e8-2659dc13721d@gmail.com>
Interesting.  I tried playing around with this and came up with a weird 
situation.

First I pulled the proof out and tried to verify a proofless graph.

fail: expected 1 asserted proof; got 0

That's good, except the expectation of 1. So I tried with sort-of two proofs:

@prefix cred: <https://www.w3.org/2018/credentials#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix vc: <https://www.w3.org/2018/credentials#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
@prefix dc: <http://purl.org/dc/terms/> .
@prefix sec: <https://w3id.org/security#> .

<https://a.example/vc1> rdf:type vc:VerifiableCredential .
<https://a.example/vc1> vc:issuanceDate "2021-03-24T08:27:17Z"^^xsd:dateTime .
<https://a.example/vc1> vc:issuer <https://a.example/issuer1> .
<https://a.example/vc1> vc:credentialSubject <http://a.example/somethingToSign> .
<https://a.example/vc1> sec:proof _:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 .
<http://a.example/somethingToSign> <https://a.example#fileIntegrityHash> 
"1234abcd" .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 rdf:type sec:Ed25519Signature2018 .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 dc:created 
"2020-01-01T00:00:00Z"^^xsd:dateTime .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:proofPurpose sec:assertionMethod .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:verificationMethod 
<https://www.w3.org/2021/03/example-security-context/pubKey> .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:jws 
"eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..0AvIhmYgr3cH0aFSZcTgVFv81kO3Why7e04q07KB_-OwyBbAnX13RCXqVUWkAq3xUVnsHeudiRn9IyuRrS7mBg" 
.

<https://a.example/vc1> rdf:type vc:VerifiableCredential .
<https://a.example/vc1> vc:issuanceDate "2021-03-24T08:27:17Z"^^xsd:dateTime .
<https://a.example/vc1> vc:issuer <https://a.example/issuer1> .
<https://a.example/vc1> vc:credentialSubject <http://a.example/somethingToSign> .
<https://a.example/vc1> sec:proof _:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 .
<http://a.example/somethingToSign> <https://a.example#fileIntegrityHash> 
"1234abcd" .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 rdf:type sec:Ed25519Signature2018 .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 dc:created 
"2020-01-01T00:00:00Z"^^xsd:dateTime .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:proofPurpose sec:assertionMethod .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:verificationMethod 
<https://www.w3.org/2021/03/example-security-context/pubKey> .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:jws 
"eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..0AvIhmYgr3cH0aFSZcTgVFv81kO3Why7e04q07KB_-OwyBbAnX13RCXqVUWkAq3xUVnsHeudiRn9IyuRrS7mBg" 
.

This succeeded!  I really didn't expect that.


I tried with two real proofs, as would happen when signing a signed document

@prefix cred: <https://www.w3.org/2018/credentials#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix vc: <https://www.w3.org/2018/credentials#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
@prefix dc: <http://purl.org/dc/terms/> .
@prefix sec: <https://w3id.org/security#> .

<https://a.example/vc1> rdf:type vc:VerifiableCredential .
<https://a.example/vc1> vc:issuanceDate "2021-03-24T08:27:17Z"^^xsd:dateTime .
<https://a.example/vc1> vc:issuer <https://a.example/issuer1> .
<https://a.example/vc1> vc:credentialSubject <http://a.example/somethingToSign> .
<https://a.example/vc1> sec:proof _:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 .
<http://a.example/somethingToSign> <https://a.example#fileIntegrityHash> 
"1234abcd" .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 rdf:type sec:Ed25519Signature2018 .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 dc:created 
"2020-01-01T00:00:00Z"^^xsd:dateTime .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:proofPurpose sec:assertionMethod .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:verificationMethod 
<https://www.w3.org/2021/03/example-security-context/pubKey> .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:jws 
"eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..0AvIhmYgr3cH0aFSZcTgVFv81kO3Why7e04q07KB_-OwyBbAnX13RCXqVUWkAq3xUVnsHeudiRn9IyuRrS7mBg" 
.

<https://a.example/vc2> rdf:type vc:VerifiableCredential .
<https://a.example/vc2> vc:issuanceDate "2021-03-24T08:27:17Z"^^xsd:dateTime .
<https://a.example/vc2> vc:issuer <https://a.example/issuer1> .
<https://a.example/vc2> vc:credentialSubject <http://a.example/somethingToSign> .
<https://a.example/vc2> sec:proof _:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 .
<http://a.example/somethingToSign> <https://a.example#fileIntegrityHash> 
"1234abcd" .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 rdf:type sec:Ed25519Signature2018 .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 dc:created 
"2020-01-01T00:00:00Z"^^xsd:dateTime .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:proofPurpose sec:assertionMethod .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:verificationMethod 
<https://www.w3.org/2021/03/example-security-context/pubKey> .
_:_e133fae1_2fb8_4e4c_b8a9_e727f92d9368 sec:jws 
"eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..0AvIhmYgr3cH0aFSZcTgVFv81kO3Why7e04q07KB_-OwyBbAnX13RCXqVUWkAq3xUVnsHeudiRn9IyuRrS7mBg" 
.


This failed, which I did not expect.


I tried changing the sign box to https://a.example/vc2 resulting in

@prefix cred: <https://www.w3.org/2018/credentials#> .
@prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
@prefix vc: <https://www.w3.org/2018/credentials#> .
@prefix xsd: <http://www.w3.org/2001/XMLSchema#> .
@prefix dc: <http://purl.org/dc/terms/> .
@prefix sec: <https://w3id.org/security#> .

<https://a.example/vc1> rdf:type vc:VerifiableCredential .
<https://a.example/vc1> vc:issuanceDate "2021-03-24T08:27:17Z"^^xsd:dateTime .
<https://a.example/vc1> vc:issuer <https://a.example/issuer1> .
<https://a.example/vc1> vc:credentialSubject <http://a.example/somethingToSign> .
<http://a.example/somethingToSign> <https://a.example#fileIntegrityHash> 
"1234abcd" .
<https://a.example/vc2> sec:proof _:_d321e63f_19a8_491c_b38f_824c80083e7e .
_:_d321e63f_19a8_491c_b38f_824c80083e7e rdf:type sec:Ed25519Signature2018 .
_:_d321e63f_19a8_491c_b38f_824c80083e7e dc:created 
"2020-01-01T00:00:00Z"^^xsd:dateTime .
_:_d321e63f_19a8_491c_b38f_824c80083e7e sec:proofPurpose sec:assertionMethod .
_:_d321e63f_19a8_491c_b38f_824c80083e7e sec:verificationMethod 
<https://www.w3.org/2021/03/example-security-context/pubKey> .
_:_d321e63f_19a8_491c_b38f_824c80083e7e sec:jws 
"eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19..0AvIhmYgr3cH0aFSZcTgVFv81kO3Why7e04q07KB_-OwyBbAnX13RCXqVUWkAq3xUVnsHeudiRn9IyuRrS7mBg" 
.


Where does the vc1 node come from now.


So I guess I'm confused.


peter
Received on Thursday, 27 May 2021 14:38:56 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 27 May 2021 14:38:56 UTC