W3C home > Mailing lists > Public > public-credentials@w3.org > December 2014

Re: JOSE author didn't use JWS. Was: Digital Signatures for Credentials

From: Richard Barnes <rlb@ipv.sx>
Date: Tue, 2 Dec 2014 09:20:35 -0800
Message-ID: <CAL02cgTEUJmcpLq50KxecR2TDTzdSLxigpu1RQ1a=MAhhOAn3A@mail.gmail.com>
To: Manu Sporny <msporny@digitalbazaar.com>
Cc: Anders Rundgren <anders.rundgren.net@gmail.com>, public-credentials@w3.org
When I wrote that, there was no flattened serialization.  I'm currently
revising to use JWS.

On Mon, Dec 1, 2014 at 9:02 PM, Manu Sporny <msporny@digitalbazaar.com>
wrote:

> Richard,
>
> Quick question for you re: ACME - why did you decide to not use the JWS
> base64-encoding mechanism in the signature for ACME? Particularly,
> you've specified multiple canonicalization mechanisms (signature-input).
>
> The reason I'm asking is because we're trying to get some insight into
> whether or not the base64-encoded approach should be used when digitally
> signing credentials in the Credentials Community Group, or if you
> suggest we specify our own canonicalization mechanism and re-use the JWS
> alg/nonce/sig fields?
>
> On 11/28/2014 09:04 AM, Anders Rundgren wrote:
> >
> https://github.com/letsencrypt/acme-spec/blob/master/draft-barnes-acme.md
> >
> > {
> >   "type": "certificateRequest",
> >   "csr": "5jNudRx6Ye4HzKEqT5...FS6aKdZeGsysoCo4H9P",
> >   "signature": {
> >     "alg": "RS256",
> >     "nonce": "h5aYpWVkq-xlJh6cpR-3cw",
> >     "sig": "KxITJ0rNlfDMAtfDr8eAw...fSSoehDFNZKQKzTZPtQ",
> >     "jwk": {
> >       "kty":"RSA",
> >       "e":"AQAB",
> >       "n":"KxITJ0rNlfDMAtfDr8eAw...fSSoehDFNZKQKzTZPtQ"
> >     }
> >   }
> > }
>
> -- manu
>
> --
> Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
> Founder/CEO - Digital Bazaar, Inc.
> blog: The Marathonic Dawn of Web Payments
> http://manu.sporny.org/2014/dawn-of-web-payments/
>
Received on Tuesday, 2 December 2014 17:21:03 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:21 UTC