Comments (6)
Have solved this by returning the proof as part of the didResolutionMetadata
. I'll close this issue now and I'm OK with the proposed answer that this should be up to individual implementations.
from did-resolver.
IMO it's up to to the method specific resolvers that you plug into this package to verify the integrity of the resolverd DID document. There is never going to be a "one size fits all" for verifying integrity of DID documents.
from did-resolver.
This link is relevant, but doesn't fully answer my question: https://w3c.github.io/did-core/#proving-control-of-a-did-and-did-document
"Signatures on DID documents are optional.", but doesn't describe further what field should be used.
from did-resolver.
You're on the right track, I think.
Since not all DID methods require proofs or signatures to be trusted, I don't think it should be a decision of this library to attempt to do the verification.
One could argue that signed DID documents do not prove much in the general sense and that trust in a DID document heavily depends on the DID method, not the signature.
I suppose that this lib could forward some DID resolution input metadata to the corresponding resolver, in which case you would be able to implement the verification directly in your resolver if it requires it.
from did-resolver.
This seems connected to #61.
I'm still not convinced that this library should be responsible for this verification, since it would be mixing too many layers of verification.
If this is no longer needed, please close. Otherwise, please provide more context
from did-resolver.
@sondreb FYI: Most DID methods implement the check that the DID document is valid within the DID resolver itself. This means that you should strive to always run the resolution process client side.
from did-resolver.
Related Issues (20)
- [proposal] Add cosmosAddress Property in verificationMethod like a ethereumAddress HOT 10
- [BUG] Incorrect did matcher regex HOT 1
- [bug] private member `registry` leads to typescript compiler errors HOT 1
- JsonWebKey Interface only for a public key? Missing private key parameter. HOT 2
- Exporting the JsonWebKey interface HOT 2
- [BUG] ServiceEndpoint interface does not match DID Spec HOT 1
- [BUG] `types` are not exported correctly in `package.json` HOT 1
- [proposal] Allow query of a key fragment as a document HOT 3
- [proposal] Add list of known implemented methods with reference HOT 1
- further parameter for resolving HOT 5
- Authentication interface: publicKey in DidDoc an Array but string in type HOT 2
- Why owner instead of controller? HOT 2
- `@context` data type is defined too narrowly, causing issues with typescript projects HOT 1
- Action Required: Fix Renovate Configuration HOT 1
- Add support for didResolutionMetadata and didDocumentMetadata HOT 5
- How to build this project with an example? HOT 1
- Add dereference function HOT 4
- The automated release is failing 🚨
- Dependency Dashboard HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from did-resolver.