- From: Jeffrey Walton <noloader@gmail.com>
- Date: Sat, 31 Aug 2013 15:51:03 -0400
- To: Anders Rundgren <anders.rundgren.net@gmail.com>
- Cc: "public-webcrypto-comments@w3.org" <public-webcrypto-comments@w3.org>
On Sat, Aug 31, 2013 at 2:57 PM, Anders Rundgren
<anders.rundgren.net@gmail.com> wrote:
> Hi,
> Based on the _extremely_ useful feedback received, I have decided to update the proposed clear-text JSON Signature scheme.
>
> Canonicalization:
> - Remove whitespace
> - Unescape "strings"
> - Sort properties
>
> Signature scope: a JSON Signature signs the object (including possible child objects) it is declared in.
>
> That is, the final XML DSig "leftover", the awkward Reference has been shelved.
> I expect the resulting code to be even shorter than today :-)
>
> {
> "@context": "http://example.com/test-signature",
> "Now": "2013-08-30T07:56:08+02:00",
> "ID": "lADU_sO067Wlgoo52-9L",
> "STRINGS": ["One","Two","Three"],
> "EscapeMe": "A\\\n\"",
> "Intra": 78,
This format will also benefit from a "version" hint (its just a hint
until the signature is verified). It will be useful to determine
message handling as the rules change over time because people don't
follow the rules or make rules up as they go.
Jeff
Received on Saturday, 31 August 2013 19:51:30 UTC