[Openid-specs-fapi] Prerelease of JWS/CT (Clear Text)
anders.rundgren.net at gmail.com
Sun Nov 8 09:31:34 UTC 2020
On 2020-11-07 11:34, Filip Skokan wrote:
> Hi Anders,
> I believe i've posted this question elsewhere a while back as well.
> Why doesn't the draft utilize a "crit" extension parameter so that this canonicalization handling could be built into and consumed directly from general JOSE libraries?
I understand the rationale but but I don't understand how it could actually work :-(
"just for fun" I took https://connect2id.com/products/nimbus-jose-jwt as an example:
// Verify a JWS compact object. Input is a string like:
jwsObject = JWSObject.parse(s);
// Verify a JWS/CT object having the same content. Input is a JSON object like:
// "hi": "there",
// "signature": "eyJhbGciOiJIUzI1NiJ9..hu7zlBdI9MjBx5WxiezZ9qAjubwgMzVpBg5pfbzfTe0"
// as well as an application-specific signature property holding the detached JWS
// The following hypothetical addition to Nimbus could perform the steps needed
// for transforming a JWS/CT object into a regular JWS compact object:
jwsObject = JWSObject.parse(jwsCtJsonObject, "signature");
It seems like adding JWS/CT support should be fairly simple to an API along these lines.
> Odesláno z iPhonu
>> 7. 11. 2020 v 8:54, Anders Rundgren via Openid-specs-fapi <openid-specs-fapi at lists.openid.net>:
>> Note: this document has not yet been submitted to the IETF.
>> Openid-specs-fapi mailing list
>> Openid-specs-fapi at lists.openid.net
More information about the Openid-specs-fapi