- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Sun, 7 May 2017 07:36:08 +0200
- To: W3C Credentials Community Group <public-credentials@w3.org>
Before you decide on signature format I suggest that you evaluate an alternative which: - Builds on ES6 serialization making JSON.stringify() and JSON.parse() the only "algorithms" needed for canonicalization - Supports a subset of the JOSE signature algorithms (JWA) - Supports a subset of the JOSE key descriptor (JWK) - Does not shroud data or headers in Base64 { "firstName": "Luke", "familyName": "Skywalker", "origin": "Alderaan", "signature": { "algorithm": "ES256", "publicKey": { "kty": "EC", "crv": "P-256", "x": "vlYxD4dtFJOp1_8_QUcieWCW-4KrLMmFL2rpkY1bQDs", "y": "fxEF70yJenP3SPHM9hv-EnvhG6nXr3_S-fDqoj-F6yM" }, "value": "Y3Y_O0500a2S2qt11Wx7SxPtIw_hcwMwTOkCaxXKgSgnGXRvSt_96a3Daq0jzqf2ROFvPIiAWGIVtKWxtPMPuw" } } On-line testing: https://mobilepki.org/jcs Specification: https://cyberphone.github.io/doc/security/jcs.html Code: https://github.com/cyberphone/openkeystore
Received on Sunday, 7 May 2017 05:36:44 UTC