OR13
commented
3 years ago ping @dlongley @msporny @rhiaro
Closed OR13 closed 3 years ago
OR13
commented
3 years ago ping @dlongley @msporny @rhiaro
dlongley
commented
3 years ago Yeah, it should be "sec:authenticationMethod". The simple term "authentication" maps to "sec:authenticationMethod" (this is how it's been in software and contexts for years).
iherman
commented
3 years ago @dlongley for the current (RDF) vocabularies and constraint files (in #183) I only used sec:authenticationMethod. The only place where authentication term appears is in the context file. In other words, at least in those vocabulary files, sec:authentication does not exist (nor does did:authentication). That is then correct, isn't it?
dlongley
commented
3 years ago @iherman, that's right. It looks like the only problem is with the draft security vocab document here:
https://w3c-ccg.github.io/security-vocab/#authentication
Which should be simple enough to fix and is unrelated to #183.
OR13
commented
3 years ago @iherman @dlongley what do I need to do to close this?
dlongley
commented
3 years ago @OR13, open an issue on the security-vocab repo and link to this one. Then this one can be closed.
iherman
commented
3 years ago +1 to @dlongley. There are, I believe, serious issues with the security vocab document*, but that is not the responsibility of this WG and/or the registry document. I believe the DID vocabulary files and context files are all right and this issue should be closed.
* Formally, the security vocab document is a misnomer. It does not define a vocabulary, it specifies, essentially, the JSON-LD context file. For DID the context file and the vocabulary specification are separate, and the same should be done with the security vocabulary. The discrepancy between authentication and sec:authenticationMethod is just a visible tip of the iceberg.
OR13
commented
3 years ago Cross linked, but unclear how to resolve: https://github.com/w3c-ccg/security-vocab/issues/91
Tell me what to do.
iherman
commented
3 years ago Cross linked, but unclear how to resolve: w3c-ccg/security-vocab#91
Tell me what to do.
From my point of view: the same work should be done as what we did for DID. Ie, conceptually:
sec:authenticationMethod and only that.sec:authentication and only that.Obviously, bits and pieces are already in the current document, so the human-readable part can be done by re-engineering the current document. The context file itself is also present, of course. The vocabulary files must be created.
Caveat: I speak with my (former) Semantic Web hat on...
TimoGlastra
commented
3 years ago I think I'm running into a problem related to this, but I'm really not that knowledgeable on JSON-LD and how it works under the hood so I'm not sure.
A controller object is created from a resolved did document, but the authentication keyword is resolved to sec:authenticationMethod by the linked data processor (while the others keep their simple term)
Due to this the controller proof purpose check I wrote (read: copied from vc.js ☺️) is failing because it can't find any authentication keys. Is it correct that this is related to this issue?
Commenting the line from the local DID context I use for testing solves the issue:
"authentication": "sec:authenticationMethod",@TimoGlastra the problem you are reporting is likely due to the way frame uses the context to find the correct verification method. this example works for me:
https://did.key.transmute.industries/did:key:z6MktZ82N6qNh8ocwFpZvdSoM4X3871cg4v4PoDVAPnBXNvg
https://github.com/w3c/did-spec-registries/blob/master/vocabs/v1/context.jsonld#L34
TimoGlastra
commented
3 years ago I used the wrong context. Sigh...
Thanks!
OR13
commented
3 years ago
IRIs for verification methods in did core context are not correct.... https://w3c-ccg.github.io/security-vocab/#authentication