- From: Andy Green <andy@warmcat.com>
- Date: Wed, 6 Dec 2017 06:23:23 +0800
- To: Jeffrey Yasskin <jyasskin@google.com>, HTTP Working Group <ietf-http-wg@w3.org>
On 12/06/2017 05:19 AM, Jeffrey Yasskin wrote: > Hi all, > > I've published > https://tools.ietf.org/id/draft-yasskin-http-origin-signed-responses-01.html > to follow up on > https://lists.w3.org/Archives/Public/ietf-http-wg/2017JulSep/0385.html > with a concrete proposal for the Signature header. Sorry if this was already discussed, but do you know about JWS / JWK? https://tools.ietf.org/html/rfc7515 https://tools.ietf.org/html/rfc7517 ACME uses them https://datatracker.ietf.org/doc/draft-ietf-acme-acme/ So there are an increasing number of implementations of this. There seems to be a lot of crossover with what you're trying to do there (encode key type and parameters). It's B64url encoding but it will let you put everything in one header. -Andy > Thanks, > Jeffrey
Received on Tuesday, 5 December 2017 22:24:13 UTC