identity.rs

Is it possible to sign a verifiable credential with a did:web?

Open BastienVigneron opened this issue 1 year ago • 3 comments

Description

I'm currently evaluating identity.rs for an SSI context. Everything looks good except it seems we can only sign a VC with an Account structure, which can only manage an IOTA DID.

Is it correct?

Motivation

Evaluate identity.rs in an interoperable context (with many DID resolvers).

Requirements

Just a question right now.

Are you planning to do it yourself in a pull request?

Depending on the response.

BastienVigneron, Jul 29 '22 10:07

You are essentially correct. The account is currently the high-level API for signing and verifying data, and it can indeed only manage an IotaDocument. One can technically also use a CoreDocument directly for signing with a verification method from an arbitrary DID document (see CoreDID), and one can verify such signatures on VC/VPs using the CredentialValidator / PresentationValidator, but you will have to figure out how to resolve the relevant issuers' DID Documents yourself and also figure out how to manage your private keys in a secure manner in that case.

Having said that, we are working on making the library more interoperable with other DID methods, as we want it to be easier to, for instance, verify a presentation containing credentials issued by DIDs from multiple DID methods. It must still be emphasized that this will most likely be implemented in a way that makes it easier for the caller/library user to mix in their own types rather than providing ready-made solutions for DID methods that are not created by the IOTA Foundation.

olivereanderson, Jul 29 '22 12:07
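
The answer above leaves resolving non-IOTA issuers' DID documents to the caller. As an added example (not part of the thread and not identity.rs code), this Rust function maps a did:web identifier to the HTTPS URL of its DID document using the did:web method's DID-to-URL rules, and rejects malformed or traversal-style identifiers. The helper names and the strict character allowlists are assumptions of this example.

```rust
// Added example (not identity.rs code): did:web DID -> DID document URL.
// The character allowlists below are a conservative choice of this example.

fn valid_domain(d: &str) -> bool {
    // Every dot-separated label must be non-empty and use only [A-Za-z0-9-].
    d.split('.').all(|l| {
        !l.is_empty() && l.bytes().all(|b| b.is_ascii_alphanumeric() || b == b'-')
    })
}

fn valid_segment(s: &str) -> bool {
    // Refuse empty, ".", ".." and anything percent-encoded (e.g. an encoded '/').
    !s.is_empty() && s != "." && s != ".."
        && s.bytes().all(|b| b.is_ascii_alphanumeric() || matches!(b, b'-' | b'_' | b'.'))
}

/// Returns the HTTPS URL of the DID document, or None if `did` is not an
/// acceptable did:web identifier.
pub fn did_web_to_url(did: &str) -> Option<String> {
    let id = did.strip_prefix("did:web:")?;
    let mut parts = id.split(':');
    let host = parts.next()?;
    // The only percent-encoding allowed in the host is the port colon (%3A).
    let (domain, port) = match host.split_once("%3A").or_else(|| host.split_once("%3a")) {
        Some((d, p)) => (d, Some(p)),
        None => (host, None),
    };
    if !valid_domain(domain) { return None; }
    let mut url = format!("https://{}", domain);
    if let Some(p) = port {
        if !p.bytes().all(|b| b.is_ascii_digit()) || p.parse::<u16>().is_err() { return None; }
        url.push(':');
        url.push_str(p);
    }
    let path: Vec<&str> = parts.collect();
    if path.is_empty() {
        url.push_str("/.well-known"); // bare domain: document lives under /.well-known
    } else {
        if !path.iter().all(|s| valid_segment(s)) { return None; }
        for s in &path { url.push('/'); url.push_str(s); }
    }
    url.push_str("/did.json");
    Some(url)
}

fn main() {
    // Constructed sample identifiers.
    for did in ["did:web:example.com", "did:web:example.com%3A3000:user:alice", "did:web:example.com:..:x"] {
        println!("{} -> {:?}", did, did_web_to_url(did));
    }
}
```

Fetching the URL over HTTPS and checking that the returned document's `id` equals the DID being resolved is left to the caller.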

Thank you for your response. It would indeed be nice if the direction of the library goes through more interoperability, as the quality of the library is overall excellent compared to anything I've seen so far. Another idea for DID resolution (at least for verification) should be to use an external service like universal resolver.

BastienVigneron, Jul 29 '22 13:07

General cryptographic agility is now tracked in https://github.com/iotaledger/identity.rs/issues/1037. This is the condition to allow signing with arbitrary schemes.

eike-hass, Sep 19 '22 15:09