Re: JOSE author didn't use JWS. Was: Digital Signatures for Credentials

Richard,

Quick question for you re: ACME - why did you decide to not use the JWS
base64-encoding mechanism in the signature for ACME? Particularly,
you've specified multiple canonicalization mechanisms (signature-input).

The reason I'm asking is because we're trying to get some insight into
whether or not the base64-encoded approach should be used when digitally
signing credentials in the Credentials Community Group, or if you
suggest we specify our own canonicalization mechanism and re-use the JWS
alg/nonce/sig fields?

On 11/28/2014 09:04 AM, Anders Rundgren wrote:
> https://github.com/letsencrypt/acme-spec/blob/master/draft-barnes-acme.md
> 
> {
>   "type": "certificateRequest",
>   "csr": "5jNudRx6Ye4HzKEqT5...FS6aKdZeGsysoCo4H9P",
>   "signature": {
>     "alg": "RS256",
>     "nonce": "h5aYpWVkq-xlJh6cpR-3cw",
>     "sig": "KxITJ0rNlfDMAtfDr8eAw...fSSoehDFNZKQKzTZPtQ",
>     "jwk": {
>       "kty":"RSA",
>       "e":"AQAB",
>       "n":"KxITJ0rNlfDMAtfDr8eAw...fSSoehDFNZKQKzTZPtQ"
>     }
>   }
> }

-- manu

-- 
Manu Sporny (skype: msporny, twitter: manusporny, G+: +Manu Sporny)
Founder/CEO - Digital Bazaar, Inc.
blog: The Marathonic Dawn of Web Payments
http://manu.sporny.org/2014/dawn-of-web-payments/

Received on Tuesday, 2 December 2014 05:02:34 UTC
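
The trade-off asked about above, as an added example that is not part of the original message or the ACME draft: a signature over raw JSON bytes breaks when an intermediary re-serializes the object, while the JWS base64url signing input and an in-band signature over a canonical form both survive. Assumptions: HS256 with a constructed key stands in for the RS256 key pair in the quoted request, and the canonical form (sorted keys, compact separators) is hypothetical, not ACME's signature-input rules.

```python
import base64, hashlib, hmac, json

KEY = b"constructed-demo-key"  # constructed; HS256 stands in for RS256

def b64u(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def mac(data: bytes) -> str:
    return b64u(hmac.new(KEY, data, hashlib.sha256).digest())

def jws_sign(payload_bytes: bytes) -> str:
    """JWS compact form: signing input is b64u(header) + '.' + b64u(payload)."""
    header = b64u(json.dumps({"alg": "HS256"}).encode())
    signing_input = f"{header}.{b64u(payload_bytes)}"
    return f"{signing_input}.{mac(signing_input.encode())}"

def jws_verify(token: str) -> bool:
    signing_input, _, sig = token.rpartition(".")
    return hmac.compare_digest(sig, mac(signing_input.encode()))

def canonical(obj: dict) -> bytes:
    """Hypothetical canonical form: drop 'signature', sort keys, no whitespace."""
    body = {k: v for k, v in obj.items() if k != "signature"}
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()

def inband_sign(obj: dict) -> dict:
    return {**obj, "signature": {"alg": "HS256", "sig": mac(canonical(obj))}}

def inband_verify(obj: dict) -> bool:
    return hmac.compare_digest(obj["signature"]["sig"], mac(canonical(obj)))

def reserialize(text: str) -> str:
    """An intermediary parses, then re-emits with new layout and key order."""
    obj = json.loads(text)
    return json.dumps(dict(reversed(list(obj.items()))), indent=2)

def demo() -> dict:
    msg = {"type": "certificateRequest", "csr": "constructed-csr-value"}
    raw = json.dumps(msg)
    raw_sig = mac(raw.encode())  # naive: sign the serialized bytes as sent
    signed = inband_sign(msg)
    return {
        "raw_bytes_after_reserialize": hmac.compare_digest(raw_sig, mac(reserialize(raw).encode())),
        "jws_after_transport": jws_verify(jws_sign(raw.encode())),
        "inband_after_reserialize": inband_verify(json.loads(reserialize(json.dumps(signed)))),
        "inband_after_tamper": inband_verify({**signed, "csr": "tampered"}),
    }

if __name__ == "__main__":
    print(demo())
```

The cost of the canonical approach is that signer and verifier must agree on every serialization rule (key order, number and string escaping), whereas the JWS form signs opaque bytes but hides the payload from tools that read plain JSON.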