[Openid-specs-fapi] I-D: draft-jordan-jws-ct-00

Anders Rundgren anders.rundgren.net at gmail.com
Sun Nov 22 05:45:05 UTC 2020

Hi Stuart,

On 2020-11-22 00:17, Stuart Low wrote:
> If I understand this spec correctly the intent is to place a signature as an inline attribute to the original payload (ie. add a `signature` key)?

That's correct.

> I'm not so sure I'm onboard with inline modification of the original payload for a signature of the payload itself. I raise this because parsing then modifying a payload to return it back to it's original state before being able to verify it in the first place seems counter intuitive.

This is not something the authors have invented or dreamed up:

A variation of this concept is the core of for example PDF signatures:

The idea here is simply to maintain the structure of the original data even when it has been signed.

For application developers, the admittedly rather awkward transformation and canonicalization processes can be made transparent.

A hypothetical verification sequence in Javascript could then be something like:

// Sample from the I-D using Javascript syntax (the API's
// internal use of JSON.stringify() makes it JSON compatible).
let signedObject = {
   statement: 'Hello signed world!',
   otherProperties: [2000, true],
   signature: 'eyJhbGciOiJIUzI1NiJ9..VHVItCBCb8Q5CI-49imarDtJeSxH2uLU0DhqQP5Zjw4'

// Note: 'signature' is not a key word, it is application specific.
let decoded = new JwsCtDecoder(signedObject, 'signature');

if (new JwsValidor(publicKey).validate(decoded)) {


> Have you considered a "JWS/JWE like" envelope instead? ie:
> {
>    "signature": "abc"
> },
> {
>    "payload1": "x"
>    "payload2": "y"
> }
> Thanks,
> Stuart
> On Fri, Nov 20, 2020 at 10:42 PM Anders Rundgren via Openid-specs-fapi <openid-specs-fapi at lists.openid.net <mailto:openid-specs-fapi at lists.openid.net>> wrote:
>     https://www.ietf.org/archive/id/draft-jordan-jws-ct-00.html <https://www.ietf.org/archive/id/draft-jordan-jws-ct-00.html>
>     Abstract:
>          This document describes a method for extending the scope of the JSON
>          Web Signature (JWS) standard, called JWS/CT.  By combining the
>          detached mode of JWS with the JSON Canonicalization Scheme (JCS),
>          JWS/CT enables JSON objects to remain in the JSON format after being
>          signed (aka "Clear Text" signing).
>     On-line service for testing/evaluation: https://mobilepki.org/jws-ct <https://mobilepki.org/jws-ct>
>     _______________________________________________
>     Openid-specs-fapi mailing list
>     Openid-specs-fapi at lists.openid.net <mailto:Openid-specs-fapi at lists.openid.net>
>     http://lists.openid.net/mailman/listinfo/openid-specs-fapi <http://lists.openid.net/mailman/listinfo/openid-specs-fapi>

More information about the Openid-specs-fapi mailing list