-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add OpenPgpSignature2019 as a JSON-LD Signature Suite #71
Comments
Reach out to Transmute |
@kimdhamilton I am Cofounder / CTO at Transmute, sorry should probably have mentioned that. We're members of the DIF and the W3C. Our work with DID and Verifiable Credentials, has motivated us to expand support for larger key types in ethr-did uport-project/ethr-did#30, and we believe that support for PGP might be an attractive target for DID interoperability, assuming we can define the signature suite in sufficient detail. We also work on https://github.com/decentralized-identity/element and https://github.com/decentralized-identity/github-did. In working with JSON-LD signature suites, particularly ones which support secp256k1, I've been frustrated by implementation differences that can cause incompatibility across implementations for the same suite, for example: jolocom/jolocom-lib#261 My hope is to ensure that if there is a suite approved for OpenPGP it does not suffer similar challenges. |
Hi @OR13,
It's possible Manu will sign up with you, but this other person needs to be identified before the work item can be proposed.
Afterward, the chairs will announce a review period to gather feedback from the community. If this sounds like overkill for what you intended, the informal work item review process is much more lax, and we can go ahead and proceed. (The only concrete difference to you at the moment would be where the repo is hosted.) ccing @msporny in case he has more context/desires on this. |
@kimdhamilton Thanks, so far I've not found another editor, I've made the announcement and asked around in a couple of channels. While I wait to hear back, is there any reason not to start informal and transition once I can find another editor / move the spec further along by myself? |
Will you be coming to next #RWOT in Prague, Sept 3-6th? If yes, it would be a good place for you to submit this idea as a Advance Topic paper (gives you a big discount for event) and see if you can find some others to support your effort. |
@OR13, yes, please proceed with this as an informal work item. I'll check with the other chairs on Friday regarding any bookkeeping on our side, but otherwise you should be good to go. |
Orie, Thanks for the effort on this. From today's CCG call:
|
Closing as not a formal work item. |
New Work Item Proposal
Categories: Exploration
Abstract
OpenPgpSignature2019 is a JSON-LD Signature Suite that uses OpenPGP for signing and verifying, and is otherwise like RsaSignature2017 and others, I've done my best to get it as close to the other references as possible.
https://github.com/transmute-industries/PROPOSAL-OpenPgpSignature2019
GPG/PGP/OpenPGP have support in many existing software systems, such as Github, are familiar to many users, and offer a unique opportunity to bridge older more established privacy technologies with new emerging standards like the DID spec, so long as the integration with JSON-LD Signatures can be formalized.
I'm seeking collaborators for reviewing the implementation, completing the signature suite spec, cross linking to relevant specs, and any comments or suggestions.
I'm also happy contribute the codebase to the DIF or elsewhere if that is recommended, its my hope that this JS implementation might be followed by other languages, and having a well formed spec is key to supporting that.
I'm a member of the DIF and this working group, but not this github org.
I've spoken to @msporny about this, and he suggested I follow the guidelines for a new work item.
Editors/Contributors: @OR13
The text was updated successfully, but these errors were encountered: