Re: Updated: Re: Giving up on XML DSig => JSON

Hi Anders

I am interested in the contents of the "X509CertificatePath" element. 
Which certificates does it contain in which order? Does it contain 
multiple paths? Is it taken from any standard definition (such as the 
OASIS J2ME Code-Signing Profile of the OASIS Digital Signature Services
Standard of 11 April 2007)?

regards

David


On 31/08/2013 04:22, Anders Rundgren wrote:
> Hi,
> Based on the _extremely_ useful feedback received, I have decided to update the proposed clear-text JSON Signature scheme.
>
> Canonicalization:
> - Remove whitespace
> - Unescape "strings"
> - Sort properties
>
> Signature scope: a JSON Signature signs the object (including possible child objects) it is declared in.
>
> That is, the final XML DSig "leftover", the awkward Reference has been shelved.
> I expect the resulting code to be even shorter than today :-)
>
>     {
>      "@context": "http://example.com/test-signature",
>      "Now": "2013-08-30T07:56:08+02:00",
>      "ID": "lADU_sO067Wlgoo52-9L",
>      "STRINGS": ["One","Two","Three"],
>      "EscapeMe": "A\\\n\"",
>      "Intra": 78,
>      "Signature":
>        {
>          "SignatureInfo":
>            {
>              "Algorithm": "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256",
>              "KeyInfo":
>                {
>                  "SignatureCertificate":
>                    {
>                      "Issuer": "CN=Demo Sub CA,DC=webpki,DC=org",
>                      "SerialNumber": 1377713637130,
>                      "Subject": "CN=example.com,O=Example Organization,C=US"
>                    },
>                  "X509CertificatePath":
>                    [
>                      "MIIClzCCAX+gAwIBAgIG...RBYG3uk9W/uNIHdoyQn19w=="
>                    ]
>                }
>            },
>          "SignatureValue": "MEYCIQCCAxLBoPw5h8hW4M...L5t0XscOTPWXE67c1SCT"
>        }
>     }
>
> The sample shows the new KeyGen2 message structure which has been derived from JSON-LD (@context).
>
> Cheers
> Anders
>

Received on Monday, 2 September 2013 08:08:47 UTC
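
The three canonicalization steps listed in the quoted proposal (remove whitespace, unescape strings, sort properties), as an added Python example that is not code from either message or from the KeyGen2 implementation. It shows that two differently written copies of one object yield the same bytes to sign, while a changed value does not. Assumptions: all function names are hypothetical, "unescape" is read as decoding escapes and re-emitting them in one minimal form, `SignatureValue` is left out of its own input, and the duplicate-property check is extra hardening the proposal does not mention.

```python
import hashlib
import json

def _no_duplicates(pairs):
    # Added hardening (not in the proposal): parsers disagree on which of two
    # same-named properties wins, so signer and verifier could see different data.
    obj = {}
    for name, value in pairs:
        if name in obj:
            raise ValueError("duplicate property: " + name)
        obj[name] = value
    return obj

def _serialize(obj):
    # separators drop all whitespace, sort_keys orders properties at every
    # depth, ensure_ascii=False writes characters literally so "\u0041" and
    # "A" come out identical; quotes and backslashes keep one minimal escape.
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")

def canonicalize(text):
    """Parse JSON text and re-serialize it in one fixed form."""
    return _serialize(json.loads(text, object_pairs_hook=_no_duplicates))

def bytes_to_sign(text):
    # Assumption: the signature value is excluded from the signed bytes;
    # the message does not say how the scheme handles this.
    obj = json.loads(text, object_pairs_hook=_no_duplicates)
    obj["Signature"].pop("SignatureValue", None)
    return _serialize(obj)

def digest(text):
    return hashlib.sha256(bytes_to_sign(text)).hexdigest()

# Constructed sample inputs: the same object written two ways, then altered.
SENT = '''{
  "ID": "lADU_sO067Wlgoo52-9L", "Intra": 78,
  "STRINGS": ["One", "Two", "Three"],
  "Signature": {"SignatureInfo": {"Algorithm": "placeholder"},
                "SignatureValue": "placeholder-value"}
}'''
RECEIVED = ('{"Signature":{"SignatureValue":"placeholder-value",'
            '"SignatureInfo":{"Algorithm":"placeholder"}},'
            '"STRINGS":["\\u004fne","Two","Three"],"Intra":78,'
            '"ID":"lADU_sO067Wlgoo52-9L"}')
TAMPERED = RECEIVED.replace("78", "79")

if __name__ == "__main__":
    print(digest(SENT) == digest(RECEIVED), digest(SENT) == digest(TAMPERED))
```

Floating-point numbers are not covered here: their text form can differ between JSON libraries, so a real scheme has to fix a number format as well.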