establishes a bidirectional many-to-many link between a DID and an associated GPG key. the rkey of this record must be the fingerprint of the GPG key, encoded in lowercase hexadecimal with no prefix, suffix, or delimiter.
Record Key
any
Any valid record key
Properties
endorsement
string
Required
base64-encoded detached signature of the canonical at:// uri of this record, to prove the DID's ability to use the key.
key
string
Required
base64-encoded GPG key as produced by `gpg --export $rkey | base64 -w0`. the export must consist of exactly one key.
ref
string
at-uri
Required
at uri of this record with the owning DID replaced by handle.invalid. used to search keys by fingerprint.
View raw schema
{
"key": "any",
"type": "record",
"record": {
"type": "object",
"required": [
"endorsement",
"key",
"ref"
],
"properties": {
"key": {
"type": "string",
"minlength": 1,
"description": "base64-encoded GPG key as produced by `gpg --export $rkey | base64 -w0`. the export must consist of exactly one key."
},
"ref": {
"type": "string",
"format": "at-uri",
"maxlength": 83,
"minlength": 83,
"description": "at uri of this record with the owning DID replaced by handle.invalid. used to search keys by fingerprint."
},
"endorsement": {
"type": "string",
"minlength": 1,
"description": "base64-encoded detached signature of the canonical at:// uri of this record, to prove the DID's ability to use the key."
}
}
},
"description": "establishes a bidirectional many-to-many link between a DID and an associated GPG key. the rkey of this record must be the fingerprint of the GPG key, encoded in lowercase hexadecimal with no prefix, suffix, or delimiter."
}