- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Mon, 8 May 2017 17:13:07 +0200
- To: Manu Sporny <msporny@digitalbazaar.com>, Adrian Hope-Bailie <adrian@hopebailie.com>, "Stone, Matt" <matt.stone@pearson.com>
- Cc: Credentials Community Group <public-credentials@w3.org>
On 2017-05-08 15:47, Manu Sporny wrote:
<snip>
> ... If it /did/ end up being a blocker, we'd
> basically define a JSON canonicalization algorithm that recursively
> sorts all keys in lexicographical order and then serializes using no
> spaces/padding/etc.
>
> So, Anders, the canonicalization algorithm would basically be what
> you've been touting for a while now.

Well, I'm (after one of the JOSE guys pointed me to it...), rather advocating JSON.stringify() using the ES6 specification which in a compliant JSON implementation means "do nothing".

Yes, I'm super lazy :-)

> On 05/08/2017 07:26 AM, Adrian Hope-Bailie wrote:
>> Any progress on this?
> Yes, I think we have a solution that seems to be drawing no objections
> as of today.

IMO, mixing two designs with quite different roots seems less than ideal. The solution certainly works but looks like a kludge to me.

I would consider using JWS detached undecoded signatures "as is" and scrap "creator" and "RsaSignature2017". The latter would then be replaced by a crypto-neutral name like "RdfSignature2017".

That is, the only thing needed specification-wise would be that "signatureValue" (which then would hold a complete JWS object), must be extracted and deleted from the input data set during validation.

thanx,
Anders
Received on Monday, 8 May 2017 15:13:43 UTC
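
The validation flow discussed in this message, sketched as an added example that is not part of the original e-mail or any specification: the sorted-key canonicalization from the quoted text, with "signatureValue" holding a detached JWS over an unencoded payload (RFC 7797) that is extracted and deleted before verification. HS256 with a constructed key stands in for the RSA suite so the code is self-contained; the function names, key and sample document are assumptions.

```javascript
const crypto = require('node:crypto');

// Recursively sort keys (UTF-16 code unit order) and emit no whitespace.
// Assumes plain JSON data (no undefined, functions or cycles).
function canonicalize(v) {
  if (Array.isArray(v)) return '[' + v.map(canonicalize).join(',') + ']';
  if (v !== null && typeof v === 'object') {
    return '{' + Object.keys(v).sort()
      .map(k => JSON.stringify(k) + ':' + canonicalize(v[k])).join(',') + '}';
  }
  return JSON.stringify(v); // primitives use the ES6 serialization
}

// RFC 7797 protected header: the payload is signed as-is, not base64url-encoded.
const HEADER = Buffer.from(JSON.stringify({ alg: 'HS256', b64: false, crit: ['b64'] }))
  .toString('base64url');

function mac(key, encodedHeader, payload) {
  return crypto.createHmac('sha256', key).update(encodedHeader + '.' + payload).digest();
}

function sign(doc, key) {
  const { signatureValue, ...unsigned } = doc; // never sign over an old signature
  const sig = mac(key, HEADER, canonicalize(unsigned)).toString('base64url');
  return { ...unsigned, signatureValue: HEADER + '..' + sig }; // empty middle part = detached
}

function verify(doc, key) {
  const { signatureValue, ...unsigned } = doc; // extract and delete before hashing
  if (typeof signatureValue !== 'string') return false;
  const parts = signatureValue.split('.');
  if (parts.length !== 3 || parts[1] !== '') return false;
  let header;
  try { header = JSON.parse(Buffer.from(parts[0], 'base64url').toString()); }
  catch { return false; }
  // Pin the expected algorithm instead of trusting whatever the header claims.
  if (!header || header.alg !== 'HS256' || header.b64 !== false) return false;
  const expected = mac(key, parts[0], canonicalize(unsigned));
  const given = Buffer.from(parts[2], 'base64url');
  return given.length === expected.length && crypto.timingSafeEqual(given, expected);
}

// Constructed sample key and document.
const KEY = Buffer.from('constructed-demo-key-not-a-secret');
const signed = sign({ type: 'Credential', claim: { name: 'Alice', age: 30 } }, KEY);
```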