- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Sat, 27 May 2017 15:07:35 +0200
- To: public-webapps <public-webapps@w3.org>
I have written about this before but here is an update that may be of some interest. The IETF JOSE WG finished their work on JSON based cryptographic solutions 2015. Although a truly awesome piece of work, the JOSE WG didn't really consider systems based on JSON messaging which has lead to a bunch of external developments having one thing in common; they do not wrap messages in Base64. Anyway, I have tried (to the best of my ability...) reusing as much as possible of the JOSE stack in a recently upgraded version of JCS (JSON Cleartext Signature): https://cyberphone.github.io/doc/security/jcs.html JCS combines ES6 (JavaScript version 6) JavaScript/JSON Serialization with JWA (JSON Web Algorithms) and JWK (JSON Web Key). That is, JCS is firmly based on industry standards, only the "packaging" is special. I consider the current incarnation as ready. It already runs on some of the most popular platforms out there including Chrome, Node.js, Android *, Java *. Anders https://cyberphone.github.io/doc/security/jsonsignatures.html * With the help of a free support library
Received on Saturday, 27 May 2017 13:08:10 UTC