w3c-ccg/security-vocab

JWK Ont?

Opened this issue · 4 comments

We are looking for an ontology for an extension of the IETF Work on "Signing HTTP Messages" for Authentication. See the Solid Authentication Panel Issue Ontology for the KeyId document.

Looking at the security vocabulary spec I see JWK info embedded in various examples, e.g. example 2. I am having difficulty parsing the json-ld as RDF though - but this could well be that I have not yet written the JSON-LD parser I intend to write this year - and so I am not that familiar with the format. Still, trying the banana-rdf library tools I don't seem to be able to find the triples associated with the jwk.
I tried adding some context to example 2

{
"@context": [
    "https://w3id.org/security/v1",
    { "ex": "http://example.org/vocab#" }
  ],
  "id": "did:example:123#WqzaOweASs78whhl_YvCEvj1nd89IycryVlmZMefcjU",
  "type": "EcdsaSecp256k1VerificationKey2019",
  "controller": "did:example:123",
  "publicKeyJwk": {
    "crv": "secp256k1",
    "x": "4xAbUxbGGFPv4qpHlPFAUJdzteUGR1lRK-CELCufU9w",
    "y": "EYcgCTsff1qtZjI9_ckZTXDSKAIuM0BknrKgo0BZ_Is",
    "kty": "EC",
    "kid": "WqzaOweASs78whhl_YvCEvj1nd89IycryVlmZMefcjU"
  }
}

But I only seem to be able to extract one triple from it, namely:

<did:example:123#WqzaOweASs78whhl_YvCEvj1nd89IycryVlmZMefcjU> a <https://test.ont/EcdsaSecp256k1VerificationKey2019> .

Is this a bug with the Jena and RDF4J JSON-LD parsers?
I would like to be able to use that jwk as an ontology in Turtle and in other documents.

Fak3 commented

I think the context v3 should fix this? What is its status? https://w3id.org/security/v3 does not exist

Thanks @Fak3. I tried to parse an example using the v3 context by serving it from the Solid Web Server I am writing: see the two files here.

Using the latest Jena Riot I get the following error though from the ammonite console

$ amm
import $ivy.`org.apache.jena:apache-jena-libs:3.17.0`
import org.apache.jena.rdf.model.{Model,ModelFactory}
import org.apache.jena.riot.{RDFLanguages,RDFDataMgr}

val m2 = RDFDataMgr.loadModel("http://localhost:8080/ont/example")
org.apache.jena.riot.RiotException: invalid term definition: 1.1
  org.apache.jena.riot.system.ErrorHandlerFactory$ErrorHandlerStd.error(ErrorHandlerFactory.java:146)
  org.apache.jena.riot.lang.JsonLDReader.read$(JsonLDReader.java:191)
  org.apache.jena.riot.lang.JsonLDReader.readWithJsonLDCtxOptions(JsonLDReader.java:144)
  org.apache.jena.riot.lang.JsonLDReader.read(JsonLDReader.java:118)

Perhaps my examples are not correct?
I do see that the context resource is fetched from my server.

I think the above problem has to do with the Jena parser. I tried titanium json-ld listed on json-ld.org, and that actually worked.
Using Ammonite on the command line:

import $ivy.`com.apicatalog:titanium-json-ld:1.0.0`
import $ivy.`org.glassfish:jakarta.json:2.0.0`
import com.apicatalog.jsonld._

val ex = JsonLd.toRdf("http://localhost:8080/ont/example")

import com.apicatalog.rdf.io.nquad.NQuadsWriter
import java.io._

val n4out = new NQuadsWriter(new PrintWriter(System.out))
n4out.write(ex.get) 

I get the output equivalent to the following Turtle

<did:example:123#WqzaOweASs78whhl_YvCEvj1nd89IycryVlmZMefcjU> a <https://w3id.org/security#EcdsaSecp256k1VerificationKey2019> ;
   <https://w3id.org/security#controller> <did:example:123> .
   <https://w3id.org/security#publicKeyJwk> """{"crv":"secp256k1","kid":"WqzaOweASs78whhl_YvCEvj1nd89IycryVlmZMefcjU","kty":"EC","x":"4xAbUxbGGFPv4qpHlPFAUJdzteUGR1lRK-CELCufU9w","y":"EYcgCTsff1qtZjI9_ckZTXDSKAIuM0BknrKgo0BZ_Is"}"""^^<http://www.w3.org/1999/02/22-rdf-syntax-ns#JSON> .

So I now see how this is meant to work.
The keys are encoded in json, and the security:publicKeyJwk has as range the jwk subtype of json documents. These have a semantics, which could be given by transforming them into pretty much the obvious triples they contain (which would require giving the attributes a namespace)

This can be closed, or tagged "FAQ" with a title changed to "having trouble with parser".