- From: Anders Rundgren <anders.rundgren@telia.com>
- Date: Sat, 31 Aug 2013 05:22:58 +0200
- To: "public-identity@w3.org" <public-identity@w3.org>
Hi,
Based on the _extremely_ useful feedback received, I have decided to update the proposed clear-text JSON Signature scheme.
Canonicalization:
- Remove whitespace
- Unescape "strings"
- Sort properties
Signature scope: a JSON Signature signs the object (including possible child objects) it is declared in.
That is, the final XML DSig "leftover", the awkward Reference has been shelved.
I expect the resulting code to be even shorter than today :-)
{
"@context": "http://example.com/test-signature",
"Now": "2013-08-30T07:56:08+02:00",
"ID": "lADU_sO067Wlgoo52-9L",
"STRINGS": ["One","Two","Three"],
"EscapeMe": "A\\\n\"",
"Intra": 78,
"Signature":
{
"SignatureInfo":
{
"Algorithm": "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256",
"KeyInfo":
{
"SignatureCertificate":
{
"Issuer": "CN=Demo Sub CA,DC=webpki,DC=org",
"SerialNumber": 1377713637130,
"Subject": "CN=example.com,O=Example Organization,C=US"
},
"X509CertificatePath":
[
"MIIClzCCAX+gAwIBAgIG...RBYG3uk9W/uNIHdoyQn19w=="
]
}
},
"SignatureValue": "MEYCIQCCAxLBoPw5h8hW4M...L5t0XscOTPWXE67c1SCT"
},
}
The sample shows the new KeyGen2 message structure which has been derived from JSON-LD (@context)
Cheers
Anders
Received on Saturday, 31 August 2013 03:23:38 UTC