- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Thu, 14 Jan 2016 07:50:38 +0100
- To: Web Payments IG <public-webpayments-ig@w3.org>
The samples below should be comparable with respect to securing the integrity of the payload and the signature parameters, but they obviously differ a lot in the way they get the work done. JCS was developed to match information-rich, multi-signature schemes like https://www.w3.org/Payments/IG/wiki/Main_Page/ProposalsQ42015/SCAI#The_SCAI_line and similar. JCS has recently been upgraded to match ECMAScript revision 6. JSON Cleartext Signature (JCS): https://cyberphone.github.io/openkeystore/resources/docs/jcs.html#ECMAScript_Compatibility_Mode var signedObject = { // The data statement: "Hello signed world!", otherProperties: [2000, true], // The signature signature: { algorithm: "ES256", publicKey: { type: "EC", curve: "P-256", x: "vlYxD4dtFJOp1_8_QUcieWCW-4KrLMmFL2rpkY1bQDs", y: "fxEF70yJenP3SPHM9hv-EnvhG6nXr3_S-fDqoj-F6yM" }, value: "2H__TkcV28QpGWPkyVbR1CW0I8L4xARrVGL0LjOeHJLOPozdzRqCTyYfmAippJXqdzgNAonnFPVCSI5A6novMQ" } }; JSON Web Signature (JWS): https://tools.ietf.org/rfc/rfc7515.txt var signedObject = { "payload": "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ", "protected": "eyJhbGciOiJFUzI1NiJ9", "signature": "DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8IS lSApmWQxfKTUJqPP3-Kg6NU1Q" }; Anders
Received on Thursday, 14 January 2016 06:51:19 UTC