Mapping of Keys to Verification Methods and Relationships

[rodolfomiranda]

The goal is to define a univocal mapping between the keys in the KEL and the verificationMethod property, and the Verification Relationships authentication, assertionMethod, keyAgreement, capabilityInvocation and capabilityDelegation properties of the DID Document.

From @pfeairheller presentation:

• Verification Methods:
  • KERI public signing keys
  • Other keys committed to by AID
    • Keys derived from public signing keys (encryption)
    • Anchored in KEL (using cryptographic digest)
    • BADA (Best Available Data Acceptance) Policy
• Verification Relationships:
  • Authentication and assertion assigned to KERI public keys
  • Other types represented by key role BADA data

From ietf-did-keri:

For each key K in the Key State, add a Verification Method to the DID Doc containing K and the appropriate type, with the ID of K being K's prefix form (alternatively, the ID could be an integer of K's index in the current signer list)

I think we need to start defining:

• How to identify other keys anchored in the KEL. Should a specific seal format be defined to cover all possible cases defined in the DID Spec?
• key Id generation for each key
• Mapping of BADA roles to relationships