- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Wed, 18 Sep 2013 23:40:21 +0200
- To: public-webpayments@w3.org
- Message-ID: <523A1DC5.6070907@gmail.com>
I have "amused" myself with some initial conversions of KeyGen2 from XML to JSON.

The following shows one of the ten KeyGen2 message objects:

    {
      "@context": "http://xmlns.webpki.org/keygen2/201309018",
      "@qualifier": "KeyCreationRequest",
      "ServerSessionID": "S-140f2b70a3e4eefe1627b141e20",
      "ClientSessionID": "C-140f2b70ba0812f22188454b453",
      "SubmitURL": "http://issuer.example.com/keygen",
      "PUKPolicy":
        [{
          "ID": "PUK.1",
          "Format": "numeric",
          "RetryLimit": 3,
          "Value": "mjRuOhjhtfg6d6d51Oqw",
          "MAC": "xPr65fxq5hwvUX94Btpp5tey+yHH9iBrMLO7wQ2k5/0=",
          "PINPolicy":
            [{
              "ID": "PIN.1",
              "Grouping": "shared",
              "Format": "numeric",
              "MinLength": 4,
              "MaxLength": 8,
              "RetryLimit": 3,
              "PatternRestrictions": ["three-in-a-row","sequence"],
              "MAC": "Hlzek4waNiqnWwrK83cvHE6MyoQh7N5frLEH4I3DpZ0=",
              "KeyEntry":
                [{
                  "ID": "Key.1",
                  "KeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.p256",
                  "AppUsage": "authentication",
                  "MAC": "idpbhr/L/4BnaLaxz5VJHC4/XPoyp3kR/s7Dcb7ywTM="
                },
                {
                  "ID": "Key.2",
                  "KeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
                  "AppUsage": "encryption",
                  "MAC": "6KCho59vdV3hyXlKaQl3HQFPO32GzfXFbkJh4jsbQKA="
                }]
            }]
        }]
    }

This should be interpreted as a request for the client to create an EC key and an RSA key where both keys are protected by a single (shared) user-defined (within the specified policy limits) PIN. The PIN is in turn governed by an issuer-defined, protocol-wise secret PUK.

Since multiple instances of properties are considered a bad JSON practice, arrays have been used instead.

For those who are versed in XML Schemas, @context is essentially the same as targetNameSpace while @qualifier represents an "emulation" of the top-level element in an XML instance document.

The original version in XML looks considerably cooler but machines probably don't care :-)

Cheers,
Anders
Received on Wednesday, 18 September 2013 21:40:55 UTC
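
The nesting described in the message, walked in code. This is an added example, not part of the original message and not KeyGen2 project code: it flattens the PUKPolicy, PINPolicy, KeyEntry hierarchy into one record per requested key. The function name, the record shape and the sanity checks (unique IDs, a MAC string on every object, MinLength not above MaxLength) are assumptions, and the MAC values are not verified.

```javascript
// The KeyCreationRequest from the message above, embedded so the example runs offline.
const SAMPLE_REQUEST = `{
  "@context": "http://xmlns.webpki.org/keygen2/201309018", "@qualifier": "KeyCreationRequest",
  "ServerSessionID": "S-140f2b70a3e4eefe1627b141e20", "ClientSessionID": "C-140f2b70ba0812f22188454b453",
  "SubmitURL": "http://issuer.example.com/keygen",
  "PUKPolicy": [{ "ID": "PUK.1", "Format": "numeric", "RetryLimit": 3,
    "Value": "mjRuOhjhtfg6d6d51Oqw", "MAC": "xPr65fxq5hwvUX94Btpp5tey+yHH9iBrMLO7wQ2k5/0=",
    "PINPolicy": [{ "ID": "PIN.1", "Grouping": "shared", "Format": "numeric",
      "MinLength": 4, "MaxLength": 8, "RetryLimit": 3,
      "PatternRestrictions": ["three-in-a-row", "sequence"], "MAC": "Hlzek4waNiqnWwrK83cvHE6MyoQh7N5frLEH4I3DpZ0=",
      "KeyEntry": [
        { "ID": "Key.1", "KeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#ec.p256",
          "AppUsage": "authentication", "MAC": "idpbhr/L/4BnaLaxz5VJHC4/XPoyp3kR/s7Dcb7ywTM=" },
        { "ID": "Key.2", "KeyAlgorithm": "http://xmlns.webpki.org/sks/algorithm#rsa2048",
          "AppUsage": "encryption", "MAC": "6KCho59vdV3hyXlKaQl3HQFPO32GzfXFbkJh4jsbQKA=" }]
    }] }]
}`;

// Hypothetical helper (not a KeyGen2 API): returns one record per KeyEntry together with
// the PIN and PUK policy that govern it. Handles only the nesting shown in the message.
function summarizeKeyCreationRequest(text) {
  const fail = (msg) => { throw new Error("KeyCreationRequest: " + msg); };
  const req = JSON.parse(text);
  if (req["@qualifier"] !== "KeyCreationRequest") fail("unexpected @qualifier");
  const seen = new Set();
  const claim = (obj, kind) => {  // assumed rule: each object has a unique ID and a MAC string
    if (typeof obj.ID !== "string" || seen.has(obj.ID)) fail("missing or duplicate ID in " + kind);
    if (typeof obj.MAC !== "string" || obj.MAC === "") fail("missing MAC on " + obj.ID);
    seen.add(obj.ID); return obj.ID;
  };
  const list = (v, name) => (Array.isArray(v) && v.length > 0 ? v : fail(name + " must be a non-empty array"));
  const keys = [];
  for (const puk of list(req.PUKPolicy, "PUKPolicy")) {
    const pukId = claim(puk, "PUKPolicy");
    for (const pin of list(puk.PINPolicy, "PINPolicy")) {
      const pinId = claim(pin, "PINPolicy");
      const { MinLength: min, MaxLength: max } = pin;
      if (!Number.isInteger(min) || !Number.isInteger(max) || min < 1 || min > max) fail("bad PIN length range in " + pinId);
      for (const key of list(pin.KeyEntry, "KeyEntry")) {
        keys.push({ id: claim(key, "KeyEntry"), algorithm: key.KeyAlgorithm, appUsage: key.AppUsage,
                    pin: pinId, pinGrouping: pin.Grouping, puk: pukId });
      }
    }
  }
  return keys;
}
console.log(summarizeKeyCreationRequest(SAMPLE_REQUEST));
```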