Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Standardizing MultiKey2021 #46

Closed
OR13 opened this issue Jan 25, 2022 · 8 comments
Closed

Standardizing MultiKey2021 #46

OR13 opened this issue Jan 25, 2022 · 8 comments
Labels
pending close

Comments

@OR13
Copy link
Contributor

OR13 commented Jan 25, 2022
edited
Loading

https://w3id.org/security/suites/multikey-2021
https://w3id.org/security/suites/multikey-2021/v1

Support for publicKeyMultibase for all existing JOSE kty / crv and RSA... this is the publicKeyMultibase mirror of publicKeyJwk.

This issue to propose moving it in scope for LD Integrity conversations.
@mprorock
Copy link
Contributor

support from our side on this

@Sakurann
Copy link
Contributor

related issue in DID WG Charter and a comment w3c/did-core#836

@OR13
Copy link
Contributor Author

OR13 commented Jan 26, 2022

This would support IPFS / IPLD / Multiformat approaches... but the WG could decide that those are an anti pattern that should not be endorsed by standardization in the VC Data Model... we should sort this out before we approve the charter.

@OR13 OR13 mentioned this issue Jan 26, 2022
Merged
@wyc
Copy link

wyc commented Jan 26, 2022
edited
Loading

We (Spruce) support the inclusion of publicKeyMultibase because we support the signing of VCs with did-key in our ssi library, which compactly represents key material.

@bumblefudge bumblefudge mentioned this issue Jan 27, 2022
Closed
@iherman
Copy link
Member

iherman commented Jan 27, 2022

The issue was discussed in a meeting on 2022-01-26

  • no resolutions were taken
View the transcript

7.4. Standardizing MultiKey2021 (issue vc-wg-charter#46)

See github issue vc-wg-charter#46.

Brent Zundel: Issue 46. Orie, can you talk about this one?.

Orie Steele: Yes. This is a cool one..
… For folks familiar with the DID specification, that are really two key representations that the DID specification acknowledges as existing: publicKeyJwk (previous PR), and publicKeyMultibase (this PR).
… A community of folks working on multiformats... Filecoin, IPFS community... multibase emerges from those communities. Public key representations based on binary encoding with uvarint..
… Folks want to use publicKeyMultibase to create verifiable credentials..
… This proposal is to support publicKeyMultibase as a class of verification method, consistently..
… For every JWK with a multibase representation, let's do the work to see how they are related....
… Allow using for verifiable credentials... Define suites specific to raw cryptographic operations not based on JWS but coming from the same cryptographic primitives that JWS is built on..
… Like the JWK proposal but using publicKeyMultibase....
… I have talked with Manu about this, he's not in favor of supporting it across the board, only for P256 and Ed25519, but perspective may have changed.

Kyle Den Hartog: I like the idea of consolidating around keys within a suite. I'm not sure how well it fits in the VC spec. Maybe it could..

Orie Steele: look at the existing JSON-LD context to see how it fits..

Kyle Den Hartog: Other question: within the DID Core data model, we define two but allow extensions that define any verification method... Creates arbitrariness that may create more complexity at the VC layer.
… Not sure if standardizing it helps. How well does it fit within this system?.

Orie Steele: I agree with you again kyle :).

Kyle Den Hartog: The JSON-LD context... I want to pull that stuff out. Just keep the terms defined by the data model specifications..

David Waite: Multiformats are interesting, but I worry... A spec like JWK has a definition of a key, standardized, has libraries, W3C references it in other specs like WebCrypto. Multiformats does not have a lot of uptake... multiformats.io is not a standards body, no versioned specification.
… We might be taking on work to define it.
… What is a crypto format... in the VC charter?.
… Could that work be elsewhere? Maybe in IETF, doesn't have a standards track... Not all IETF either..

Orie Steele: agree with everything David is saying, this is mostly to ensure that we discuss this before the charter is approved, and that we address this consistently, and not on a 1-off basis..

David Waite: So I have some concerns. Also about how to profile usage of the crypto, in a working group mostly talking about data models, at least traditionally..

Orie Steele: please comment on the issue..

Brent Zundel: Good conversation, please continue in the issue, so we can see if there is consensus..

@brentzundel
Copy link
Member

brentzundel commented Feb 23, 2022
edited
Loading

@OR13 what steps need to be taken to address this Issue? Is PR #73 sufficient to fix this?

@brentzundel
Copy link
Member

I believe this issue has been addressed. Marking as pending close.
I will close this issue in 4 days if there are no objections.

@brentzundel
Copy link
Member

no response since marked pending close, closing

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
pending close
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@iherman @wyc @mprorock @OR13 @brentzundel @Sakurann