[Openid-specs-fapi] Prerelease of JWS/CT (Clear Text)

Filip Skokan panva.ip at gmail.com
Sun Nov 8 12:17:56 UTC 2020 

Anders, i would assume the crit member takes care of the canonicalization process. 

So that the developer doesn't have to care, just passes in the object and the lib takes care of the rest. Likewise with verification. 

Odesláno z iPhonu

> 8. 11. 2020 v 10:31, Anders Rundgren <anders.rundgren.net at gmail.com>:
> 
> On 2020-11-07 11:34, Filip Skokan wrote:
>> Hi Anders,
> 
> Hi Filip,
> 
>> I believe i've posted this question elsewhere a while back as well.
>> Why doesn't the draft utilize a "crit" extension parameter so that this canonicalization handling could be built into and consumed directly from general JOSE libraries?
> 
> I understand the rationale but but I don't understand how it could actually work :-(
> 
> "just for fun" I took https://connect2id.com/products/nimbus-jose-jwt as an example:
> 
> // Verify a JWS compact object.  Input is a string like:
> // eyJhbGciOiJIUzI1NiJ9.eyJoaSI6InRoZXJlISJ9.hu7zlBdI9MjBx5WxiezZ9qAjubwgMzVpBg5pfbzfTe0
> 
> jwsObject = JWSObject.parse(s);
> ...etc...
> 
> // Verify a JWS/CT object having the same content.  Input is a JSON object like:
> // {
> //   "hi": "there",
> //   "signature": "eyJhbGciOiJIUzI1NiJ9..hu7zlBdI9MjBx5WxiezZ9qAjubwgMzVpBg5pfbzfTe0"
> // }
> // as well as an application-specific signature property holding the detached JWS
> 
> // The following hypothetical addition to Nimbus could perform the steps needed
> // for transforming a JWS/CT object into a regular JWS compact object:
> jwsObject = JWSObject.parse(jwsCtJsonObject, "signature");
> ...etc...
> 
> It seems like adding JWS/CT support should be fairly simple to an API along these lines.
> 
> Cheers,
> Anders
> 
>> Best,
>> Filip
>> Odesláno z iPhonu
>>> 7. 11. 2020 v 8:54, Anders Rundgren via Openid-specs-fapi <openid-specs-fapi at lists.openid.net>:
>>> 
>>> F.Y.I.
>>> 
>>> https://github.com/cyberphone/Internet-Drafts
>>> 
>>> Note: this document has not yet been submitted to the IETF.
>>> 
>>> Anders
>>> _______________________________________________
>>> Openid-specs-fapi mailing list
>>> Openid-specs-fapi at lists.openid.net
>>> http://lists.openid.net/mailman/listinfo/openid-specs-fapi
>

More information about the Openid-specs-fapi mailing list