David-Chadwick
commented
5 years ago This is the approach we are adopting in our implementation. Once we have validated that it works we will write up our approach
Closed stonematt closed 5 years ago
David-Chadwick
commented
5 years ago This is the approach we are adopting in our implementation. Once we have validated that it works we will write up our approach
msporny
commented
5 years ago Yes, we should add this section to the document as there are multiple people working on integrating WebAuthn with DID Auth and VC Presentation countersignatures... Digital Bazaar demoed the use of a FIDO hardware authenticator to digitally sign a VC and using a DID for public key discovery.
deiu
commented
5 years ago Hi @David-Chadwick, have you made any progress on this issue in your implementation? We'd love to see a bit of text, even if it's just WIP.
David-Chadwick
commented
5 years ago Yes our implementation uses Web Authn. But we cannot use the FIDO authenticators built into web browsers because of the strong SOP they enforce. Instead we have our own external authenticator that shares a third key between the issuer and verifier and then we have trust paths that both the verifier and issuer can rely on.
dlongley
commented
5 years ago Addressed by PR #52.
Moving issue from the VCWG Data Model repo. see https://github.com/w3c/vc-data-model/issues/162