Skip to content

Commit

Permalink
separating normative/informative information for signed files and imp…
Browse files Browse the repository at this point in the history 
…roved references (#131)

Signed-off-by: 2byrds <[email protected]>
  • Loading branch information
@2byrds
2byrds authored Jan 31, 2024
1 parent bf03ffb commit 49985b2
Show file tree
Hide file tree
Showing 4 changed files with 67 additions and 82 deletions.
5 changes: 4 additions & 1 deletion spec/appendix.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ See also: decentralized identifier, [ref: self-certifying identifier (SCID)].
~ An encoding format that enables round-trip text-binary conversion of concatenated cryptographic primitives and general data types, as defined by the [[ref: CESR specification]] and [[ref: CESR Proof Signature specification]]. See [WebOfTrust glossary](https://weboftrust.github.io/WOT-terms/docs/glossary/composable-event-streaming-representation) for more detail.

[[def: controller, constrollers]]
~ A controlling entity that can cryptographically prove the control authority (signing and rotation) over an [[ref: AID]] as well as make changes on the associated [[ref: KEL]]. A controller may consist of multiple controlling entities in a multi-signature scheme. See [WebOfTrust glossary](https://weboftrust.github.io/WOT-terms/docs/glossary/controller) for more detail.
~ A controlling entity that can cryptographically prove the control authority (signing and rotation) over an [[ref: AID]] as well as make changes on the associated [[ref: KEL]]. A controller may consist of multiple controlling entities in a [[ref: multi-signature]] scheme. See [WebOfTrust glossary](https://weboftrust.github.io/WOT-terms/docs/glossary/controller) for more detail.

[[def: decentralized identifier (DID), DID, DIDs]]
~ A globally unique persistent identifier, as defined by [DID Core](https://www.w3.org/TR/did-core/#dfn-decentralized-identifiers).
Expand Down Expand Up @@ -93,6 +93,9 @@ See also: decentralized identifier, [ref: self-certifying identifier (SCID)].
[[def: method-specific identifier, MSI]]
~ The `method-specific-id` part of DID Syntax, as defined in [DID Core](https://www.w3.org/TR/did-core/#did-syntax). See section [Method-Specific Identifier](#method-specific-identifier).

[[def: multi-signature, multi-signatures, multisig, multi-sig]]
~ A mechanism that enables multiple parties to sign a message, as defined by the [[ref: KERI specification]]. See [Controller Application in the KERI spec](https://trustoverip.github.io/tswg-keri-specification/#controller-application) for more detail.

[[def: out-of-band introduction (OOBI), OOBI, OOBIs, OOBI specification]]
~ A protocol for discovering verifiable information on an [[ref: AID]] or a [[ref: SAID]], as defined by the [[ref: KERI specification]]. The OOBI by itself is insecure, and the information discovered by the OOBI must be verified. See [WebOfTrust glossary](https://weboftrust.github.io/WOT-terms/docs/glossary/out-of-band-introduction) for more detail.

Expand Down
14 changes: 11 additions & 3 deletions spec/informative_references.md
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,16 @@
### Informative References

::: todo
Add informative references
:::
[[def: StatusList2021]]
~ See https://w3c.github.io/vc-status-list-2021/

[[def: Hyperledger AnonCreds]]
~ See https://www.hyperledger.org/projects/anoncreds. And [Setting up to publish AnonCreds verifiable credential](https://hyperledger.github.io/anoncreds-spec/#anoncreds-setup-data-flow)

[[def: W3C VC Rendering Methods specification]]
~ See https://w3c-ccg.github.io/vc-render-method/.

[[def: Overlay Capture Architecture, OCA]]
~ See [Aries RFC](https://github.com/hyperledger/aries-rfcs/blob/main/features/0755-oca-for-aries/README.md)



11 changes: 10 additions & 1 deletion spec/normative_references.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,12 @@

### Normative References

[[def: JSON Serialization]]
~ See https://datatracker.ietf.org/doc/html/rfc7515#section-3.2

[[def: multiformat multihash]]
~ See https://github.com/multiformats/multihash

[[def: Trust over IP - Authentic Chained Data Containers (ACDC) specification, ACDC specification, ACDC protocol]]
~ The [ACDC specification](https://trustoverip.github.io/tswg-acdc-specification/) details the core ACDC specification including the Issuance and Presentation Exchange (IPEX) Protocol and Public Transaction Event Log (PTEL) specification.

Expand All @@ -24,5 +30,8 @@
[[def: W3C - DID spec registries, DID spec registries, DID registry]]
~ The [DID Spec Registries](https://w3c.github.io/did-spec-registries/) detail the specs for each registred DID method.

[[def: W3C - DID URL path, DID URL path, DID URL path specification]]
~ See https://www.w3.org/TR/did-core/#path.

[[def: W3C - Verifiable Credentials Data Model (VCDM), vcdm specification]]
~ The [W3C - Verifiable Credentials Data Model (VCDM)](https://www.w3.org/TR/vc-data-model/) details the the core Verifiable Credentials Data Model (VCDM) specification.
~ The [W3C - Verifiable Credentials Data Model (VCDM)](https://www.w3.org/TR/vc-data-model/) details the the core Verifiable Credentials Data Model (VCDM) specification.
119 changes: 42 additions & 77 deletions spec/signed_files.md
View file
Original file line number Diff line number Diff line change
@@ -1,80 +1,45 @@
## Signed Files

`did:webs` [[ref: signed files]] combine the semantics of folders of files on
web servers, and the [DID Core Specification]'s [DID URL path] semantics to
enable the controller of the DID to publish documents cryptographically signed
using the verification key(s) of the DID. This kind of signed file capability
has been implemented in a variety of ways in the past, such as with [hashlinks].
The value of including this as part of the `did:webs` DID method is that it
ensures consistency in its application, including how the [[ref: signed files]]
can be verified when using a [[ref: multisig]]-enabled DID, and in the face of
rotations of the DID's key(s).

[DID Core Specification]: https://www.w3.org/TR/did-core/
[DID URL path]: https://www.w3.org/TR/did-core/#path
[hashlinks]: https://datatracker.ietf.org/doc/html/draft-sporny-hashlink

`did:webs` [[ref: signed files]] work as follows:

- The controller of the DID may place arbitrary files into the folder structure
below the root did:webs folder.
- The DID URL for the [[ref: signed file]] is of the form `<did:webs DID>/<path
to file>`.
- The HTTPS path to the file MUST be `<HTTPS URL conversion of did:webs
identifier>/<path to file>.
- To be a valid `did:webs` [[ref: signed file]], each file MUST have an
associated JSON Web Signature file named `<filename>.jws` beside (in the same Web folder as) the file.
- For example, a file `revocation_registry.bin` MUST have a file
`revocation_registry.bin.jws` beside it.
- The HTTPS path to the associated JWS file MUST be `<HTTPS URL conversion of
did:webs identifier>/<path to file>.jws`
- The JWS web signature MUST:
- Use the [JSON Serialization] form of the JWS. This is necessary to support multi-signatures in the JWS.
- Have a payload that is the [multiformat multihash] hash of the content of the associated signed file.
- Be signed with a verification key(s) that is (are) either currently in the DIDDoc
of the DID, or found in the [[ref: KEL]] associated with the DID. A verification
key found in a valid [[ref: KEL]] represents a key that had been in use previously,
but has been rotated away.
- Be verified such that:
- A calculated hash of the file matches the hash in the JWS.
- The signature(s) in the JWS is (are) valid.
- If the DID has (or had at the time of signing) [[ref: multisig]]
requirements, those requirements are met.

[JSON Serialization]: https://datatracker.ietf.org/doc/html/rfc7515#section-3.2
[multiformat multihash]: https://github.com/multiformats/multihash

`did:webs` signed files combine the semantics of folders of files on web servers, and the [[ref: DID Specification]]'s [[ref: DID URL path]] semantics to enable the controller of the DID to publish documents cryptographically signed using the verification key(s) of the DID. This kind of signed file capability has been implemented in a variety of ways in the past, such as with [hashlinks](https://datatracker.ietf.org/doc/html/draft-sporny-hashlink). The value of including this as part of the `did:webs` DID method is that it ensures consistency in its application, including how the signed files can be verified when using a [[ref: multisig]]-enabled DID, and in the face of rotations of the DID's key(s).

1. In publishing a file, the controller of the DID may use the KERI [[ref: TEL]] to record the signing event, prior to publishing the file. In that case, in processing the KERI Audit log, the publication event can be found, verified, and ordered relative to key state changes and other signing events.

1. If the file is NOT [[ref: KEL backed data]] or if the controller would like to provide additional signature, the controller MUST do the following:
1. The controller of the DID may place arbitrary files into the folder structure below the root did:webs folder.
1. The DID URL for the signed file is of the form `<did:webs DID>/<path to file>`.
1. The HTTPS path to the file MUST be `<HTTPS URL conversion of did:webs identifier>/<path to file>`.
1. To be a valid `did:webs` signed file, each file MUST have an associated JSON Web Signature file named `<filename>.jws` beside (in the same Web folder as) the file. For example, a file `revocation_registry.bin` MUST have a file `revocation_registry.bin.jws` beside it.
1. The HTTPS path to the associated JWS file MUST be `<HTTPS URL conversion of did:webs identifier>/<path to file>.jws`.
1. The JWS web signature MUST:
1. Use the [[ref: JSON Serialization]] form of the JWS. This is necessary to support multi-signatures in the JWS.
1. Have a payload that is the [multiformat multihash] hash of the content of the associated signed file.
1. Be signed with a verification key(s) that is (are) either currently in the DIDDoc of the DID, or found in the [[ref: KEL]] associated with the DID. A verification key found in a valid [[ref: KEL]] represents a key that had been in use previously, but has been rotated away.
1. Be verified such that:
1. A calculated hash of the file matches the hash in the JWS.
1. The signature(s) in the JWS is (are) valid.
1. If the DID has (or had at the time of signing) [[ref: multisig]] requirements, those requirements are met.

See:
* [[ref: JSON Serialization]]
* [[ref: multiformat multihash]]

The following is non-normative:
Examples:

- DID URL: `did:webs:w3c-ccg.github.io:12124313423525/members-list.txt`
- HTTPS URL: `https://w3c-ccg.github.io/12124313423525/members-list.txt`
- HTTPS JWS URL: `https://w3c-ccg.github.io/12124313423525/members-list.txt.jws`
- DID URL: `did:webs:mines.gov.bc.ca:VCissuer:12124313423525/mines-permit/v1.0/schema.json`
- HTTPS URL: `https://mines.gov.bc.ca/VCissuer/12124313423525/mines-permit/v1.0/schema.json`
- HTTPS JWS URL: `https://mines.gov.bc.ca/VCissuer/12124313423525/mines-permit/v1.0/schema.json.jws`

The core use case for this feature is providing an easy way for a DID controller
to publish files such that those receiving the file can be confident that the
file was explicitly published by the DID controller (they signed it), and has
not been tampered with since it was published. A few examples of where this
might be useful in verifiable credential-related use cases include:

- Revocation registries such as [StatusList2021] published by the issuer (and
revoker) of a set of revocable credentials.
- [Hyperledger AnonCreds] objects such as those published by an Issuer when [setting up to publish AnonCreds verifiable credential]
- JSON-LD context files.
- Verifiable Credential rendering data files and images published by verifiable
credential issuers, such as those proposed in the [W3C VC Rendering Methods
specification] and used in the [Overlay Capture Architecture (OCA) for Aries]
specification.

In publishing a file, the controller of the DID may use the KERI [[ref: TEL]] to
record the signing event, prior to publishing the file. In that case, in
processing the KERI Audit log, the publication event can be found, verified, and
ordered relative to key state changes and other signing events.

[StatusList2021]: https://w3c.github.io/vc-status-list-2021/
[Hyperledger AnonCreds]: https://www.hyperledger.org/projects/anoncreds
[setting up to publish AnonCreds verifiable credential]: https://hyperledger.github.io/anoncreds-spec/#anoncreds-setup-data-flow
[W3C VC Rendering Methods specification]: https://w3c-ccg.github.io/vc-render-method/
[Overlay Capture Architecture (OCA) for Aries]: https://github.com/hyperledger/aries-rfcs/blob/main/features/0755-oca-for-aries/README.md
* DID URL: `did:webs:w3c-ccg.github.io:12124313423525/members-list.txt`
* HTTPS URL: `https://w3c-ccg.github.io/12124313423525/members-list.txt`
* HTTPS JWS URL: `https://w3c-ccg.github.io/12124313423525/members-list.txt.jws`
* DID URL: `did:webs:mines.gov.bc.ca:VCissuer:12124313423525/mines-permit/v1.0/schema.json`
* HTTPS URL: `https://mines.gov.bc.ca/VCissuer/12124313423525/mines-permit/v1.0/schema.json`
* HTTPS JWS URL: `https://mines.gov.bc.ca/VCissuer/12124313423525/mines-permit/v1.0/schema.json.jws`

The core use case for this feature is providing an easy way for a DID controller to publish files such that those receiving the file can be confident that the file was explicitly published by the DID controller (they signed it), and has not been tampered with since it was published. A few examples of where this might be useful in verifiable credential-related use cases include:
* Revocation registries such as [[ref: StatusList2021]] published by the issuer (and revoker) of a set of revocable credentials.
* [Hyperledger AnonCreds] objects such as those published by an Issuer when [setting up to publish AnonCreds verifiable credential]
* JSON-LD context files.
* Verifiable Credential rendering data files and images published by verifiable credential issuers, such as those proposed in the [W3C VC Rendering Methods specification] and used in the [Overlay Capture Architecture (OCA) for Aries] specification.

See:
* [[ref: StatusList2021]]
* [[ref: Hyperledger AnonCreds]]
* [[ref: W3C VC Rendering Methods specification]]
* [[ref: Overlay Capture Architecture]] (OCA) for Aries

0 comments on commit 49985b2

Please sign in to comment.