[Openid-specs-fapi] Prerelease of JWS/CT (Clear Text)
Anders Rundgren
anders.rundgren.net at gmail.com
Sun Nov 8 09:31:34 UTC 2020
On 2020-11-07 11:34, Filip Skokan wrote:
> Hi Anders,
Hi Filip,
>
> I believe i've posted this question elsewhere a while back as well.
>
> Why doesn't the draft utilize a "crit" extension parameter so that this canonicalization handling could be built into and consumed directly from general JOSE libraries?
I understand the rationale but but I don't understand how it could actually work :-(
"just for fun" I took https://connect2id.com/products/nimbus-jose-jwt as an example:
// Verify a JWS compact object. Input is a string like:
// eyJhbGciOiJIUzI1NiJ9.eyJoaSI6InRoZXJlISJ9.hu7zlBdI9MjBx5WxiezZ9qAjubwgMzVpBg5pfbzfTe0
jwsObject = JWSObject.parse(s);
...etc...
// Verify a JWS/CT object having the same content. Input is a JSON object like:
// {
// "hi": "there",
// "signature": "eyJhbGciOiJIUzI1NiJ9..hu7zlBdI9MjBx5WxiezZ9qAjubwgMzVpBg5pfbzfTe0"
// }
// as well as an application-specific signature property holding the detached JWS
// The following hypothetical addition to Nimbus could perform the steps needed
// for transforming a JWS/CT object into a regular JWS compact object:
jwsObject = JWSObject.parse(jwsCtJsonObject, "signature");
...etc...
It seems like adding JWS/CT support should be fairly simple to an API along these lines.
Cheers,
Anders
>
> Best,
> Filip
>
> Odesláno z iPhonu
>
>> 7. 11. 2020 v 8:54, Anders Rundgren via Openid-specs-fapi <openid-specs-fapi at lists.openid.net>:
>>
>> F.Y.I.
>>
>> https://github.com/cyberphone/Internet-Drafts
>>
>> Note: this document has not yet been submitted to the IETF.
>>
>> Anders
>> _______________________________________________
>> Openid-specs-fapi mailing list
>> Openid-specs-fapi at lists.openid.net
>> http://lists.openid.net/mailman/listinfo/openid-specs-fapi
More information about the Openid-specs-fapi
mailing list