OB 3.0: Select required and recommended proof methods #331
Comments
|
Found this tracking issue in vc-data-model:
I also saw these references to BBS+ in the SRI International review:
and
I don't know how the IETF and NIST are related. Does one act before the other? But it feels like BBS+ (and possibly other ZKP) are not ready to be required in an IMS specification. |
|
Linked Data Cryptographic Suite Registry, December 2020 |
|
One of the things Hosted verification does is refresh the credential. In the vc-data-model, that falls to the refresh service. Here is a discussion about the refresh service that brings up valid concerns to be considered if/when we define how the refresh service works for OB 3.0/CLR 2.0. |
|
@justinpitcher @danblickensderfer @roverwolf - Please correct any mistakes and tag Dmitri and Phil if you have their GitHub handles Notes from 2/3/22 meeting with invited expert Dmitri Zagidulin
Ref: Cryptography Review of W3C Verifiable Credentials Data Model (VCDM) and Decentralized Identifiers (DIDs) Standards and |
|
|
During the call I said there was some disagreement whether nested signatures with JWT was possible. It turns out it is documented and there is an example. The example is of a VP, but the process can be applied to a VC like CLR. And there is a thread in the [email protected] discussing future work to reduce the size of JWTs of large credentials. Those of you that are familiar with a signed CLR 1.0 will immediately recognize the decoded example. |
|
I propose that the project group recommend these 3 proof methods. And I propose the project group select 1 for certification testing. Linked Data Proofs
JWT Proof
|
|
We should also consider CBOR given it's proliferation in the EU https://test.webpki.org/csf-lab/home Given the current conversations in VC-API I am concerned they will not support JWT but I have not been following the VC workgroup close enough to speak authoritatively. I put this forward with the caveat we are using JWTs and embedded JWTs in a current implementation. |
|
It looks like CBOR Signature Format (CSF) is an alternative to JWT. Is that because CSF results in smaller payloads than JWT? CSF is not mentioned in VC1.1. That's not a reason to exclude it from consideration, but it does change the conversation. |
|
@martyr280 Is there a blockchain Linked Data Proof method we should consider? |
|
TBD on payload size, but that would be the intent. |
|
There's also active discussion on JWS encryption compression https://www.iana.org/assignments/jose/jose.xhtml#web-encryption-compression-algorithms not sure if it's necessary to be a part of it but I think should be a consideration in an implementation guide. |
|
Marty: CBOR is extremely efficient at compressing binary data. We should find out how/if CBOR can be leveraged in the context of VC-API. The question that Andy has asked us is to consider 3 proof methods, select 1 for certification testing. Which JWT are you using, JSON Web Signature 2020 or JWT Proof - RSA-SHA256 (RS256)?
… On Feb 10, 2022, at 5:08 PM, Marty Reed ***@***.***> wrote:
We should also consider CBOR given it's proliferation in the EU https://test.webpki.org/csf-lab/home <https://test.webpki.org/csf-lab/home> Given the current conversations in VC-API I am concerned they will not support JWT but I have not been following the VC workgroup close enough to speak authoritatively. I put this forward with the caveat we are using JWTs and embedded JWTs in a current implementation.
—
Reply to this email directly, view it on GitHub <#331 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AADYBFE3WXFDXVSNMDC6V6LU2QZMHANCNFSM5NG44W6Q>.
Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you were mentioned.
|
|
we're using JWT RS512 |
|
CBOR-LD does a great job of compressing JSON-LD for storing in a database or as an API payload. But I don't think there is an external proof format (e.g. VC-JWT is an external proof format) that uses CBOR instead of JSON. There is a CBOR Web Token, but I could not find a spec or standards track effort to normatively define a CBOR Web Token Proof method. We could define one, but there is little evidence others will use it. Please let me know if you find evidence that CBOR Web Token Proof is being worked on. |
|
Leaving this here so I don't lose track of it: https://medium.com/transmute-techtalk/linked-data-proofs-vs-jose-why-not-both-1594393418cc |
|
As of today, vc-wg-charter is aiming to create test suites for 3 proof types: Data Integrity Ed25519, Data Integrity BBS+, and JSON Web Token (an external proof type). The charter language used to talk about normatively defining concrete serializations. I'm not sure if creating test suites implies normative language or not. |
|
Closing. Only VC-JWT is normative. See #365 for next step. |
|
@amiller-ims - Can you say a little more? Why was 'Only VC-JWT is normative' decided? |
|
@dmitrizagidulin - Only VC-JWT is concretely defined normatively in VC Data Model 1.1. Other Linked Data Proofs are defined in proposed recommendations (on a standards track, but not yet an approved standard) or community group reports (not on a standards track). The OB 3.0 spec can refer to those as informative documents (e.g. in an implementation guide). But IMS standards policy prevents us from requiring (using normative language) their content. Mostly to avoid churn. There are two options at least:
I'd welcome other ideas. |
|
BTW, it is important that the OB 3.0 and CLR 2.0 specs not prevent the use of other proofs so that implementers can experiment. The next major release of OB 3.0 and CLR 2.0 will likely be 12 to 18 months after they are released. That will put them right in line with VC 2.0 which will normatively define additional proofs. |
FWIW, this signature suite is being rolled into a US-wide production deployment in retail as we speak -- 152K+ locations, 50M people per day... so it's highly likely that we'll have no choice but to define it normatively (somewhere) and support it long term. Going w/ VC-JWT limits you in a variety of ways:
|
|
It's also worth noting that VC wallets in the education space are favoring Ed25519 Signature 2020 so Open Badge issuing platforms that wish to integrate with VC wallets will likely be adopting this too. |
That's awesome! I'll keep a close watch on that, but please let IMS know when that happens. |
The implementation and binary format is locked down (and has been for over a year): https://github.com/digitalbazaar/ed25519-signature-2020 The spec does exist here, but is horribly out of date: https://w3c-ccg.github.io/lds-ed25519-2020/ That spec is an input document to the VC2WG, which is expected to begin work over the summer and we expect a conformance test suite to exist by late summer (remember, this work has been going on for over 8+ years, so we already have lots of incubation and implementation feedback done). We can let you know when the spec hits Candidate Recommendation, which would be at least one signal that you can probably lock yourself into the spec at that point. |
|
Reopening based on conversation. |
|
I propose reference to either an existing proof registry https://w3c-ccg.github.io/vc-extension-registry/ or given IMS Global policy create an IMS Proof Registry. This then solves for the ever evolving signature space. |
As one of the maintainers of the above registry -- I'm sad to say that it's out of date. Everyone is waiting for a bit of a registry reshuffle w/ the upcoming VC2WG wrt. cryptosuites and registries. This should give you an idea of where the work is headed in the next couple of months: See the "Securing Verifiable Credentials (SVC) 1.0" section for a list of cryptosuites that are in scope: https://w3c.github.io/vc-wg-charter/#deliverables Those will end up in a VC2WG registry.
Note that the VC2WG is planning to maintain registries related to the cryptosuites, see the "Registries" deliverable here: https://w3c.github.io/vc-wg-charter/#deliverables If it would help, I could make a pass at updating the vc-extension-registry with the currently known cryptosuites... but those are likely to change location in the next couple of months. |
|
@msporny that would be helpful to move our discussion along, @amiller-ims how does this hit you? |
|
As an issuer platform, we would like to use the Ed25519 suite to sign credentials, as we find some wallets we want to integrate with are supporting this proof method. In terms of writing the spec, we're aware that there are several proof methods at various stages of maturity and adoption. But we'll actually need to decide:
It may make sense to allow JWT as an option; I would like to see Ed25519 as an option, and there may be other proof methods that other members might suggest. It is good to keep the list tight in terms of what options we make required, to keep implementation costs low, but we should determine from the implementing members what proof methods they need to support for their use cases, hope for some decent alignment, and have a lightweight enough mechanism to be able to add more to the list without a huge heavy list in the future. |
|
Just finished an internal discussion and I am pleased to say we will include Ed25519 linked data proof in the spec and will reference either https://github.com/digitalbazaar/ed25519-signature-2020 or https://w3c-ccg.github.io/lds-ed25519-2020/ (whichever is more likely to appear in https://w3c-ccg.github.io/vc-extension-registry/) as a normative reference. The feedback you all provided really helped me make the case and IMS is strongly in favor of helping this move forward. Thank you! |
|
recommend referencing https://w3c-ccg.github.io/vc-extension-registry/ as this is pending PR to update to the latest ed25519-2020 spec |
|
I concur with the pointer to W3C’s vc-extension registry. I think it helpful to reference a group that has multiple and diverse stakeholders seeking to use crypto suites that include business, gov, and education issuers.
And +1 for the choice of the Ed25519 suite as one of the required linked data crypto options.
Cheers,
Phil
Phillip Long, Ph.D.,Open Software Fellow
Concentric Sky
e: ***@***.*** ***@***.***>
https://concentricsky.com/ <https://concentricsky.com/>
—
… On Mar 30, 2022, at 10:59 AM, Marty Reed ***@***.*** ***@***.***>> wrote:
recommend referencing https://w3c-ccg.github.io/vc-extension-registry/ <https://w3c-ccg.github.io/vc-extension-registry/> as this is pending PR to update to the latest ed25519-2020 spec
—
Reply to this email directly, view it on GitHub <#331 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AADYBFBUONWBBWTDALG4G7DVCRT67ANCNFSM5NG44W6Q>.
You are receiving this because you were mentioned.
|
OB 2.0 and CLR 1.0 use Signed and Hosted Verification. OB 3.0 and CLR 2.0 will drop Signed and Hosted Verification, and replace it with proof methods as defined in the VC Data Model (and other places).
Hopefully this issue can be used to hold a conversation about proof methods that will inform the certification requirements and implementation guides for both OB 3.0 and CLR 1.0.
The text was updated successfully, but these errors were encountered: