Merge pull request #651 from w3c-ccg/642-assertionmethod-section-seem…

…s-unnecessary 642 assertionmethod section seems unnecessary
w3c-ccg · Apr 25, 2024 · 86ac91b · 86ac91b
2 parents 8c42490 + 2a75168
commit 86ac91b
Showing 1 changed file with 30 additions and 19 deletions.
diff --git a/docs/spec/sections/use-case-requirements.html b/docs/spec/sections/use-case-requirements.html
@@ -138,43 +138,47 @@ <h5>service</h5>
 <section>
   <h5>assertionMethod</h5>
 <p>
-The set of supported <code>assertionMethod</code> DID URLs for the organization.
+  The <code>assertionMethod</code> references public key material used by the organization for issuing Verifiable Credentials.
 </p>
 
 <p>
 See <a href="https://www.w3.org/TR/did-core/#assertion">assertionMethod</a>.
 </p>
-</section>
 
-<section>
-  <h5>authentication</h5>
 <p>
-The set of supported <code>authentication</code> DID URLs for the organization.
+  This entry MUST be present.
 </p>
 
 <p>
-See <a href="https://www.w3.org/TR/did-core/#authentication">authentication</a>.
+  This entry MUST have at least one entry referencing an available <code>verificationMethod</code>.
 </p>
+
 </section>
 
- <p>
-  The <code>didDocument</code> MAY contain a <code>verificationMethod</code> section,
-  which MAY be used to support <code>did:web</code> based verification relationships.
- </p>
+<section>
+  <h5>verificationMethod</h5>
+
+  <p>
+    The <code>verificationMethod</code> contains cryptographic material for public keys.
+  </p>
+
+  <p>
+    See <a href="https://www.w3.org/TR/did-core/#verification-methods">verificationMethod</a>.
+  </p>
+
 <p>
-  The <code>didDocument</code> MUST NOT contain <code>verificationMethods</code> where the controller is different from the DID Subject.
+  The <code>didDocument</code> MUST contain at least one <code>verificationMethod</code> element.
 </p>
 
 <p>
-  All <code>Ed25519VerificationKey2018</code> types support <code>Ed25519Siganture2018</code>.
+  The <code>didDocument</code> MUST NOT contain <code>verificationMethods</code> where the controller is different from the DID Subject.
 </p>
 
 <p>
-  All <code>JsonWebKey</code> types support <code>application/vc+ld+jwt</code>.
 </p>
 
 <p>
-  In this example, the organization suports authentication and credential issuance with the same two keys, identified via the DID URLs in the relationships:
+  All <code>JsonWebKey</code> types support securing with JOSE, as described in <a href="https://w3c.github.io/vc-jose-cose/#secure-with-jose">W3C VC-JOSE-COSE</a>.
 </p>
 
 <pre class="example">
@@ -185,12 +189,19 @@ <h5>authentication</h5>
     ],
     "id": "did:web:platform.example:organization:123",
     "assertionMethod": [
-      "did:key:z6MksSdhqJH3VvzcX8WP6VbdB85e6T7aaL5yLLYeJLJrto8V#z6MksSdhqJH3VvzcX8WP6VbdB85e6T7aaL5yLLYeJLJrto8V",
-      "did:key:z82LkpR3sPw87xdgs72J3EzGXChciBmhV6ukkbeAGFtCpauXHiEwtM2tyDcphRnLmKsB1fi#z82LkpR3sPw87xdgs72J3EzGXChciBmhV6ukkbeAGFtCpauXHiEwtM2tyDcphRnLmKsB1fi"
+      "did:web:platform.example:organization:123#key1"
     ],
-     "authentication": [
-      "did:key:z6MksSdhqJH3VvzcX8WP6VbdB85e6T7aaL5yLLYeJLJrto8V#z6MksSdhqJH3VvzcX8WP6VbdB85e6T7aaL5yLLYeJLJrto8V",
-      "did:key:z82LkpR3sPw87xdgs72J3EzGXChciBmhV6ukkbeAGFtCpauXHiEwtM2tyDcphRnLmKsB1fi#z82LkpR3sPw87xdgs72J3EzGXChciBmhV6ukkbeAGFtCpauXHiEwtM2tyDcphRnLmKsB1fi"
+    "verificationMethod": [
+        {
+            "id": "did:web:platform.example:organization:123#key1",
+            "type": "JsonWebKey2020",
+            "controller": "did:web:platform.example:organization:123",
+            "publicKeyJwk": {
+                "kty": "OKP",
+                "crv": "Ed25519",
+                "x": "rfsiofZ3RcuMWZSoYbvNEZ_8oxeep8uapJDyT0ku8EM"
+            }
+        }
     ],
     "service": [
       {