Open dbluhm opened 2 months ago
@dbluhm from that pr, is the reverse possible, identify a verificationMethod.id
from a registered did?
No; the challenge with this is that there is potentially more than one VM ID per DID. When signing a VC (either through the VC API or when issuing using DIDComm), what we really need is a clear unambiguous declaration of which VM should be used. I think this is best achieved by using the assertion verification relationship. If a specific verification method is not specified and just a DID is given, we can/should default to selecting the first valid VM (supporting the crypto type we're using) in the assertion list.
Related to #2991; this issue tracks our intent to be able to use verification method ids to sign JSON-LD credentials.
Support for identifying keys by verification method ID was recently merged in #2959. The support needs to be augmented to enable associating multiple kids with a key to better support the use case outlined in #2991.
cc @PatStLouis