Comments (4)
I don't know how key agreement works in KERI, can you point me to something?
I know that Ed25519 keys can be converted to X25519 for key agreement, and we could add such converted keys to the DID document. Some DID methods do that "automatically", and some don't. There are some use cases and ecosystems where this is not acceptable.
from tswg-did-method-webs-specification.
There definitely needs to be a way to declare both the Verification and KeyAgreement, and have the controller explicitly do the derivation of (for example) Ed25519 to X25519 vs. the DID Method doing it for you.
from tswg-did-method-webs-specification.
Sam and Phil provided information on key agreement:
KERI supports more than Ed25519 (ECDSA for instance would use the same curve, no translation). So specifying translation is problematic, NIST algorithms use the same keys as the signing keys. The right strategy would be similar to how we are handling endpoints, domain migration info, etc. Normally in KERI we would use BADA-RUN for key agreement (just like we do for endpoints). But we should support two choices; BADA-RUN the assertion for the key agreement encryption key or anchor the key agreement info to the KEL via an ACDC credential.
from tswg-did-method-webs-specification.
I included this wording in #64
Happy to adjust in a future PR.
from tswg-did-method-webs-specification.
Related Issues (20)
- Reorder section 7 to emphasize the DID Method Operations and add Create/Update details HOT 5
- Security Characteristics are difficult to relate to did:webs HOT 2
- ABNF definition of method in section 6.2 not a full ABNF specification HOT 1
- Terminology needs to be aligned and KERI only question (related) HOT 10
- International and Unicode domain names
- Too much informative text; normative requirements not clear enough HOT 2
- Glossary Terms - ToIP & did:webs alignment HOT 3
- KERI Version strings all legacy in example jsons
- State document conventions regarding normative statements, informative statements, etc.
- Request to add did:webs to the DID method registry HOT 1
- Align blog post with Muggles session HOT 1
- attribute more contributors or editors HOT 2
- Direct mode AIDs are not the simplest, are they? HOT 1
- Discuss spec versioning and did document verification
- Spoofing did:webs didDocs HOT 7
- Cleanup defs and/or terminology.md HOT 4
- Remove the “Transformations” section, or at least the “did:peer” part of it HOT 2
- Full Example section paragraph is difficult for a newbie to parse and match with JSON HOT 2
- Can we shift or somehow de-emphasize the terminology section? HOT 4
- why must FQDN not include IP addresses? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from tswg-did-method-webs-specification.