Add "proof" property in DID Document Metadata #469

Open
thobson88 opened this issue Oct 14, 2022 · 0 comments

We're building a network of DIDs and are looking to include the controller proof (JWS) as part of the DID Document Metadata.

Previous discussions (here, here and here) rightly concluded that such proofs do not belong in the DID Document itself, and the property was removed from DID core in PR #305.

However, while it was also agreed that the proper place for controller proofs is in the DID Document Metadata, this is currently not supported.

We therefore propose adding a proof property in the DID Document Metadata.

Our aim is to be consistent with the VC data model (and aligned with the outcomes of the working group). Using a snippet from the current VC documentation we've arrived at the following example of Document Metadata containing a controller proof:

{
  "proof": {
    "type": "JsonWebSignature2020",
    "id": "did:ion:test:EiAwnxk01PDoERb--VTEHkPMNXXxxNUqCf4s0iv0k6Ngag",
    "proofValue": "eyJhbGciOiJFUzI1NksifQ.IkVpRGNQWjNyMXFrMmF1RG1PRzdkWmE5LWNNNm5GQzhYRGZ0LUhRaUxudVkzeUEi.sT392TkLZ_u-xNF7u7kropwNZMPCZF5JXcp2sXeprjEpfwWeEIcWlatMnr2aZbaMdAamYrY8C4D4ixSgeZ8JUQ"
  },
  "canonicalId": "did:ion:test:EiA8yZGuDKbcnmPRs9ywaCsoE2FT9HMuyD9WmOiQasxBBg",
  "method": {
    "updateCommitment": "EiDcxLyK0QlEwgEVMBTd6YATquaxRLUozaRnVm3kbKbv7g",
    "published": true,
    "recoveryCommitment": "EiAInhzWGQqBGh8fpQKKdy1xck_Rhs8OvCb65y-D9mqxwQ"
  }
}

In this example the proof property has three sub-properties:

  • type: the type of cryptographic signature
  • id: an identifier (the DID) of the signing party (controller)
  • proofValue: the actual signature, where the message being signed is the hash digest of the resolved (and canonicalized) DID Document. The signature is verifiable using a public key obtained by resolving the DID given in the id field.

An optional verificationMethod property could also be included to specify the id of an assertionMethod inside the signer's DID Document, to make it easier to locate the correct key for verification.
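
A resolver consuming this metadata would need to confirm that the proof actually covers the document it resolved before verifying the signature. The sketch below is an added example, not code from the issue or from any DID resolver; the canonicalization (sorted-key compact JSON) and the digest encoding (base64url SHA-256 multihash) are assumptions, since the proposal does not fix either, and the ES256K signature check itself is left to a JOSE library once the signer's DID has been resolved.

```python
import base64
import hashlib
import json

ALLOWED_ALGS = ("ES256K",)  # the alg in the issue's sample JWS header; never accept "none"


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def document_digest(did_document: dict) -> str:
    # ASSUMPTION: canonical form = sorted-key compact JSON; digest = SHA-256
    # multihash (0x12 0x20 prefix), base64url. The issue fixes neither choice.
    canonical = json.dumps(did_document, sort_keys=True, separators=(",", ":"),
                           ensure_ascii=False).encode("utf-8")
    return b64url_encode(b"\x12\x20" + hashlib.sha256(canonical).digest())


def check_proof_binding(metadata: dict, did_document: dict):
    """Pre-signature checks. Returns (signer DID, JWS signing input, signature bytes)
    for an ES256K verifier; raises ValueError when the proof must be rejected."""
    proof = metadata.get("proof")
    if not isinstance(proof, dict) or proof.get("type") != "JsonWebSignature2020":
        raise ValueError("missing proof or unsupported proof type")
    signer = proof.get("id")
    if not isinstance(signer, str) or not signer.startswith("did:"):
        raise ValueError("proof.id is not a DID")
    parts = str(proof.get("proofValue", "")).split(".")
    if len(parts) != 3:
        raise ValueError("proofValue is not a compact JWS")
    header_b64, payload_b64, signature_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    if not isinstance(header, dict) or header.get("alg") not in ALLOWED_ALGS:
        raise ValueError("JWS alg not allowed")
    # The payload must be the digest of the document the resolver actually returned;
    # otherwise a valid signature over some other document would be accepted.
    if json.loads(b64url_decode(payload_b64)) != document_digest(did_document):
        raise ValueError("proof does not cover this DID Document")
    signature = b64url_decode(signature_b64)
    if len(signature) != 64:  # ES256K JWS signatures are r || s, 32 bytes each
        raise ValueError("unexpected signature length")
    return signer, f"{header_b64}.{payload_b64}".encode("ascii"), signature
```

The returned signing input and signature are what gets passed to the verifier together with the public key found by resolving the DID in `proof.id`.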
