The reason for the duplication is inherited from decisions made in the W3C
Community Group that shaped DIDs and VCs before they became formal work
items at W3C.

There has historically been a lot of hostility towards using COSE Key or
JWK for anything in those groups; many contributors to the community group
seem to prefer multicodec / multiformats / multibase representations.

For comparison, here are the multicodec representations:

https://github.com/digitalbazaar/data-integrity/blob/d9245721985f34703dde7a04aed13ca8dd80049e/README.md?plain=1#L90

https://github.com/multiformats/multicodec/blob/master/table.csv#L97
https://github.com/multiformats/multicodec/blob/master/table.csv#L167

{
    "id": "did:key:z6MkwXG2WjeQnNxSoynSGYU8V9j3QzP3JSqhdmkHc6SaVWoT#z6MkwXG2WjeQnNxSoynSGYU8V9j3QzP3JSqhdmkHc6SaVWoT",
    "type": "Ed25519VerificationKey2020",
    "controller": "did:key:z6MkwXG2WjeQnNxSoynSGYU8V9j3QzP3JSqhdmkHc6SaVWoT",
    "publicKeyMultibase": "z6MkwXG2WjeQnNxSoynSGYU8V9j3QzP3JSqhdmkHc6SaVWoT",
    "secretKeyMultibase": "zrv3rbPamVDGvrm7LkYPLWYJ35P9audujKKsWn3x29EUiGwwhdZQd1iHhrsmZidtVALBQmhX3j9E5Fvx6Kr29DPt6LH"
}

Notice the public key is repeated in the private key for
`secretKeyMultibase`, for Ed25519... this is not the case for P-256, or
other curves afaik.

You might get better answers regarding multikey on the IETF list for the
work: https://mailarchive.ietf.org/arch/browse/multiformats/

There will probably be a charter to review for this eventually.

Regards,

OS

On Fri, Aug 4, 2023 at 11:11 AM Ilari Liusvaara <[email protected]>
wrote:

> On Fri, Aug 04, 2023 at 10:11:43AM -0500, Orie Steele wrote:
> > https://github.com/w3c/vc-data-integrity/pull/148/files
> >
> > Raising this PR here, in case you have time to comment.
> >
> > We expect something similar to happen for COSE Keys in the future, so
> > including both lists.
> >
> > For background:
> >
> > The W3C has a structure called a "VerificationMethod" which can
> > express relationships between identifiers (such as DIDs) and public
> > keys (in any representation, not just JWK).
> >
> > In the case of JWK public Keys, the json member "publicKeyJwk" is
> > used.
> >
> > This PR defines the other side of this member, in cases where the
> > private key is exportable.
> >
> > After this PR is merged, implementations will be expected to use
> > "secretKeyJwk" instead, concrete example:
> >
> >  {
> >     "id": "did:example:123#key-456",
> >     "type": "JsonWebKey",
> >     "controller": "did:example:123",
> >     "publicKeyJwk": {
> >       "kty": "OKP",
> >       "crv": "Ed25519",
> >       "x": "ENqgw6Hv-5M0igPQGtx7iA6BZkrKJ8VI4Mw2d4Be9D8"
> >     },
> >     "secretKeyJwk": {
> >       "kty": "OKP",
> >       "crv": "Ed25519",
> >       "x": "ENqgw6Hv-5M0igPQGtx7iA6BZkrKJ8VI4Mw2d4Be9D8",
> >       "d": "Mwn-HlkrBlVBOl1QlfQgG5BmucOEIj12IItidki54q8"
> >     }
> >  }
>
> Any reason why the public key fields are duplicated? The private key
> could only have the private fields (in this case, "d").
>
>
>
> -Ilari
>
> _______________________________________________
> jose mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/jose
>


-- 


ORIE STEELE
Chief Technology Officer
www.transmute.industries

<https://transmute.industries>
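
An added example, not part of the original message or of any project named in it: a small decoder for the base58btc Multikey values shown above, which reads the multicodec prefix and checks whether an Ed25519 `secretKeyMultibase` ends with a copy of the public key. The function names are hypothetical, and the layout of a 32-byte seed followed by the 32-byte public key is an assumption taken from the observation in the message.

```python
# Decode base58btc multibase Multikey values and test whether an Ed25519
# secret key value carries a copy of the public key (seed || public key).
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
ED25519_PUB, ED25519_PRIV = 0xED, 0x1300   # multicodec codes
# Values copied from the message above.
PAGE_PUBLIC = "z6MkwXG2WjeQnNxSoynSGYU8V9j3QzP3JSqhdmkHc6SaVWoT"
PAGE_SECRET = "zrv3rbPamVDGvrm7LkYPLWYJ35P9audujKKsWn3x29EUiGwwhdZQd1iHhrsmZidtVALBQmhX3j9E5Fvx6Kr29DPt6LH"


def b58decode(text):
    num = 0
    for ch in text:
        num = num * 58 + B58.index(ch)        # ValueError on a bad character
    pad = len(text) - len(text.lstrip("1"))   # leading '1's are zero bytes
    return b"\x00" * pad + num.to_bytes((num.bit_length() + 7) // 8, "big")


def b58encode(data):                          # used to build constructed inputs
    num, out = int.from_bytes(data, "big"), ""
    while num:
        num, rem = divmod(num, 58)
        out = B58[rem] + out
    return "1" * (len(data) - len(data.lstrip(b"\x00"))) + out


def parse_multikey(value):
    """Return (multicodec code, raw key bytes) for a 'z...' multibase string."""
    if not value.startswith("z"):
        raise ValueError("only base58btc ('z') multibase is handled")
    raw, code, shift = b58decode(value[1:]), 0, 0
    for i, byte in enumerate(raw):            # unsigned varint, 7 bits per byte
        code |= (byte & 0x7F) << shift
        shift += 7
        if not byte & 0x80:
            return code, raw[i + 1:]
    raise ValueError("truncated multicodec varint")


def secret_embeds_public(public_mb, secret_mb):
    """True if the secret value is a 32-byte seed followed by the public key."""
    pub_code, pub = parse_multikey(public_mb)
    sec_code, sec = parse_multikey(secret_mb)
    if (pub_code, sec_code) != (ED25519_PUB, ED25519_PRIV) or len(pub) != 32:
        raise ValueError("not an Ed25519 Multikey pair")
    return len(sec) == 64 and sec[32:] == pub


if __name__ == "__main__":
    print(secret_embeds_public(PAGE_PUBLIC, PAGE_SECRET))
```

A consumer that accepts such a value can use the same comparison to reject a secret key whose embedded public half does not match the advertised `publicKeyMultibase`.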