Closed OR13 closed 2 years ago
@msporny note the use of documentLoader here https://github.com/w3c-ccg/lds-jws2020/blob/master/packages/json-web-signature-2020/src/__tests__/vc-js-tester.ts#L23
This is related to https://github.com/digitalbazaar/vc-js/issues/80
When passing a custom document loader, I expect to be able to mutate https://w3id.org/security/v2
and see what it would look like if the security context included the new terms... however, https://w3id.org/security/v2
never gets hit.
I believe this is caused by:
https://github.com/digitalbazaar/jsonld-signatures/blob/ee999c814fcbac15ea9ae86e56f9b127c544c970/lib/ProofSet.js#L74 https://github.com/digitalbazaar/jsonld-signatures/blob/master/lib/documentLoader.js#L19
I'd prefer to not see this kind of short circuiting of the documentLoader and instead, ship a default document loader, and make the library consumer intentionally choose to use it (make documentLoader a required argument, with no default).
AFAIK, this has been addressed
https://github.com/w3c-ccg/security-vocab/pull/41
To be super clear... absence of vocabulary definitions in the default constants causes signature suite verification to fail without a custom context extension:
note the
type: '/JsonWebSignature2020',
!==JsonWebSignature2020
This can only be fixed by adding the context defintions to the document you are signing:
this causes
compactProof: false,
to be required.