Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Should we use Linked Data Proofs for signatures? #9

Open
dhuseby opened this issue May 5, 2019 · 1 comment
Open

Should we use Linked Data Proofs for signatures? #9

dhuseby opened this issue May 5, 2019 · 1 comment

Comments

@dhuseby
Copy link
Owner

dhuseby commented May 5, 2019

I think it is a good idea for us to use Linked Data Proofs for the signatures that are stored in Git commits. This seems like the right thing to do.
@OR13
Copy link

OR13 commented May 15, 2019

I agree, I've been working to try and create a Signature Suite that supports OpenPGP, hoping it might help with exactly this linkage (commits and proofs signed by GPG keys!)...

I'm still seeking another editor for the signature suite proposal:

w3c-ccg/community#71

There are also RSA signature suites which might be compatible, but more investigation is needed i think:

https://github.com/transmute-industries/RsaSignature2017

https://github.com/digitalbazaar/jsonld-signatures

Finding a suite that is compatible with GPG seems like a requirement for this, but I suppose a mixed keys approach could be used, and might even be advisable: single proof purpose per key.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dhuseby @OR13