From 8f741137e88ac989226a967499f4d4440d1b4aa0 Mon Sep 17 00:00:00 2001 From: "Charles E. Lehner" Date: Thu, 24 Mar 2022 18:04:23 -0400 Subject: [PATCH] Describe mappings more --- index.html | 34 ++++++++++++++++++++++++++++++---- 1 file changed, 30 insertions(+), 4 deletions(-) diff --git a/index.html b/index.html index 6bc5518..d100d5d 100644 --- a/index.html +++ b/index.html @@ -31,7 +31,16 @@

Status of This Document

Context

JSON-LD Context file: https://demo.didkit.dev/2022/cacao-zcap/context/v1.json

-

This context file is expected to be used in @context following the Security Vocabulary context (https://w3id.org/security/v2).

+

This context file is expected to be used in @context following the Security Vocabulary context (https://w3id.org/security/v2). i.e.:

+ 
+{
+  "@context": [
+    "https://w3id.org/security/v2",
+    "https://demo.didkit.dev/2022/cacao-zcap/context/v1.json"
+  ],
+  ...
+}
+
@@ -62,7 +71,7 @@

CACAO-ZCAP Mapping

p.iss - DID ↔ DID URL + DID ↔ DID URL proof.verificationMethod yes @@ -153,7 +162,7 @@

CACAO-ZCAP Mapping

p.resources[0] - URL ↔ ZCAP Root URN + URL ↔ ZCAP Root URN proof.capabilityChain[0] no @@ -174,13 +183,30 @@

CACAO-ZCAP Mapping

s.s - bytes ↔ multibase + bytes ↔ multibase proof.proofValue no + +
+

issuer-verificationMethod mapping

+

The CACAO payload issuer property (p.iss) is defined by the CACAO CAIP to be a did:pkh DID. The proof verificationMethod property is expected to be a DID URL resolving to a verification method. + CACAO-ZCAP converts between these two fields by assuming that the issuer DID has a default verification method, that the CACAO signature is created using the verification material of that default verification method, and that the default verification method allows creating a proof of type CacaoZcapProof2022.

+
+ +
+

Root ZCAP mapping

+

The first value of the CACAO payload resources array is used as the invocation target URI, that is the value of the zcap delegation's invocationTarget property. The invocation target URI is encoded into a root zcap URN to become the root capability id. The root zcap URN is constructed as the concatenation of "urn:zcap:root:" with encodeURIComponent(invocationTarget). To transform the root zcap URN to the invocation target URI, the prefix "urn:zcap:root:" is removed and the remaining value is URL-decoded to return the invocation target id.

+
+ +
+

signature-proofValue mapping

+

In CACAO, the signature is represented with an IPLD bytes type. In ZCAP and data integrity proofs, the signature is typically represented in a string in the proofValue property of the proof object. CACAO-ZCAP encodes the signature in the proofValue property using multibase.

+
+