Open dstrockis opened 5 years ago
IMO the use of id fields such as #key-1 is a bad practice, we should be encouraging the use of compound identifiers, such as ${did}#key-${kid} where kid is generated according to https://tools.ietf.org/html/rfc7638
^ apparently commenting unassigned @alundeen, I'm not able to reassign.
Related spec conversation regarding supported public key formats:
https://github.com/w3c/did-spec/issues/67
My preference is for the following structure:
{
  "id": "did:btcr:xxcl-lzpq-q83a-0d5#key-JUvpllMEYUZ2joO59UNui_XYDqxVqiFLLAJ8klWuPBw",
  "type": "EcdsaSecp256k1VerificationKey2019",
  "publicKeyJwk": {
    "crv": "secp256k1",
    "kid": "JUvpllMEYUZ2joO59UNui_XYDqxVqiFLLAJ8klWuPBw",
    "kty": "EC",
    "x": "dWCvM4fTdeM0KmloF57zxtBPXTOythHPMm1HCLrdd3A",
    "y": "36uMVGM7hnw-N6GnjFcihWE3SkrhMLzzLCdPMXPEXlA"
  }
},
Also related DIDComm thread on JWE format and kid interop: https://github.com/decentralized-identity/DIDComm-js/issues/8
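Added example, not part of the thread and not code from did-auth-jose: a sketch of deriving kid as an RFC 7638 thumbprint, building the ${did}#key-${kid} identifier, and looking keys up so that prefixed and unprefixed ids (the ion-test case in this issue) resolve the same way. The function names, the constructed document and the treatment of a bare fragment as a relative reference are assumptions.

```javascript
// Added example, not code from did-auth-jose or the DID specification.
const crypto = require('node:crypto');

// RFC 7638 section 3.2 required members per key type (OKP from RFC 8037), sorted.
const REQUIRED = {
  EC: ['crv', 'kty', 'x', 'y'],
  RSA: ['e', 'kty', 'n'],
  oct: ['k', 'kty'],
  OKP: ['crv', 'kty', 'x'],
};

// SHA-256 over the canonical JSON of the required members, base64url encoded.
function jwkThumbprint(jwk) {
  const names = REQUIRED[jwk.kty];
  if (!names) throw new Error(`unsupported kty: ${jwk.kty}`);
  const canonical = {};
  for (const name of names) {
    if (typeof jwk[name] !== 'string') throw new Error(`missing JWK member: ${name}`);
    canonical[name] = jwk[name]; // optional members such as kid are left out
  }
  return crypto.createHash('sha256').update(JSON.stringify(canonical)).digest('base64url');
}

// The ${did}#key-${kid} form proposed in the thread.
function compoundKeyId(did, jwk) {
  return `${did}#key-${jwkThumbprint(jwk)}`;
}

// Assumption: "#frag" and bare "frag" are both references relative to the document's DID.
function absoluteKeyId(did, ref) {
  if (ref.startsWith('did:')) return ref;
  return ref.startsWith('#') ? `${did}${ref}` : `${did}#${ref}`;
}

// Compare on absolute ids so prefixed and unprefixed documents resolve the same way.
function findKey(doc, ref) {
  const wanted = absoluteKeyId(doc.id, ref);
  return doc.publicKey.find((k) => absoluteKeyId(doc.id, k.id) === wanted) || null;
}

// A kid bound to the key material lets a verifier reject a relabelled key.
function kidMatchesKey(jwk) {
  return jwk.kid === jwkThumbprint(jwk);
}

// Key material and DID copied from the thread; the document around them is constructed.
const DID = 'did:btcr:xxcl-lzpq-q83a-0d5';
const JWK = { kty: 'EC', crv: 'secp256k1', x: 'dWCvM4fTdeM0KmloF57zxtBPXTOythHPMm1HCLrdd3A', y: '36uMVGM7hnw-N6GnjFcihWE3SkrhMLzzLCdPMXPEXlA' };
const DOC = { id: DID, publicKey: [{ id: `#key-${jwkThumbprint(JWK)}`, publicKeyJwk: JWK }] };
```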
The DID method ion-test does not include a DID prefix in the document.publicKey[i].id or document.publicKey[i].publicKeyJwk.kid fields:
This causes did-auth-jose to fail when looking for matching keys in a DID document. So, we either need to modify did-auth-jose to accept key IDs without the prefix, or go modify the ion-test method. The DID specification is not clear on whether or not the prefix is required.
I did a bit of digging, and these are the places I could find that need modification: