Updated: Re: Giving up on XML DSig => JSON

Based on the _extremely_ useful feedback received, I have decided to update the proposed clear-text JSON Signature scheme.

- Remove whitespace
- Unescape "strings"
- Sort properties

Signature scope: a JSON Signature signs the object (including possible child objects) it is declared in.

That is, the final XML DSig "leftover", the awkward Reference has been shelved.
I expect the resulting code to be even shorter than today :-)

    "@context": "http://example.com/test-signature",
    "Now": "2013-08-30T07:56:08+02:00",
    "ID": "lADU_sO067Wlgoo52-9L",
    "STRINGS": ["One","Two","Three"],
    "EscapeMe": "A\\\n\"",
    "Intra": 78,
            "Algorithm": "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256",
                    "Issuer": "CN=Demo Sub CA,DC=webpki,DC=org",
                    "SerialNumber": 1377713637130,
                    "Subject": "CN=example.com,O=Example Organization,C=US"
        "SignatureValue": "MEYCIQCCAxLBoPw5h8hW4M...L5t0XscOTPWXE67c1SCT"

The sample shows the new KeyGen2 message structure which has been derived from JSON-LD (@context)



Received on Saturday, 31 August 2013 18:58:15 UTC