decentralgabe / lds-jws2020

Linked Data Signatures for JWS

Home Page:https://w3id.org/security/suites/jws-2020

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Linked Data Signatures for JWS

View On Github

Interop Test Suite

See the repo above for links to implementations in Java, Rust and TypeScript.

Security Considerations

You should be aware that some of these curves are not considered safe:

If you will only ever need to support Ed25519 or only Secp256k1, you should consider using a restricted Linked Data Signature Suite like:

Supported JOSE Algorithms

The expected alg will be determined by the following table.

kty crvOrSize signature keyAgreement encryption
OKP Ed25519 EdDSA
OKP X25519 ECDH ECDH-ES+A256KW
EC secp256k1 ES256K ECDH
RSA 2048 PS256 RSA-OAEP
EC P-256 ES256 ECDH ECDH-ES+A256KW
EC P-384 ES384 ECDH ECDH-ES+A256KW

Anything else will result in an unsupported alg error.

Suite Details

Per ld-signatures, this Signature Suite defines the following:

{
  "id": "https://w3c-ccg.github.io/lds-jws2020/contexts/#JsonWebSignature2020",
  "type": "SignatureSuite",
  "canonicalizationAlgorithm": "https://w3id.org/security#URDNA2015",
  "digestAlgorithm": "https://tools.ietf.org/html/rfc4634#section-4.2.2",
  "signatureAlgorithm": "https://www.iana.org/assignments/jose/jose.xhtml#web-signature-encryption-algorithms"
}

See the Linked Data Signature Suite Vocabulary.

Credits and Support

Works with:

About

Linked Data Signatures for JWS

https://w3id.org/security/suites/jws-2020

License:Other