Re: [w3c/webpayments-methods-tokenization] Proposal for dealing with Signed and Unsigned data (#23) from Anders Rundgren on 2017-12-23 (public-webpayments-specs@w3.org from December 2017)

From: Anders Rundgren <notifications@github.com>
Date: Sat, 23 Dec 2017 20:21:50 +0000 (UTC)
To: w3c/webpayments-methods-tokenization <webpayments-methods-tokenization@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/webpayments-methods-tokenization/issues/23/353746105@github.com>

@mattsaxon Here is the same thing in a JCS version in preparation which adopts the JWS attributes, JWK, and JWA:
```json
{
  "mySignedData": "something",
  "myUnsignedData": "something else",
  "signature": {
    "alg": "ES256",
    "jwk": {
      "kty": "EC",
      "crv": "P-256",
      "x": "_gow8fcS3Dx9z6j57U5q8tunnRBdrgLU9A7CZTYCnqU",
      "y": "bdfJGraBVL5aPj38TG4tHwxpU2VKwG1XBp0wQfCLOFQ"
    },
    "excl": ["myUnsignedData"],
    "val": "nVnZtJUdUktFRdDLEchf .... tfe7j-jhirzZ9t50qSvLudpo2pw"
  }
}
```
Compared to the original JWS both the _Data_ the and the _Header_ (keys, algorithms) are in clear.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/w3c/webpayments-methods-tokenization/issues/23#issuecomment-353746105

Received on Saturday, 23 December 2017 20:22:15 UTC