- From: Anders Rundgren <anders.rundgren.net@gmail.com>
- Date: Sat, 17 Oct 2015 09:22:58 +0200
- To: public-xmlsec-comments@w3.org
If I interpret the note correctly XML Signature didn't fully make it to V2. As you also probably know the IETF has finished the JWS (JSON Web Signature) specifications. So it seems that there's nothing more to do, right? Well, not really, unlike XML Signatures, JWS only signs "data" which has no relation to (and integration) in JSON objects. This is fine for a bunch of applications but is unlikely to attract for example folks working with business messaging. They will be forced/tempted creating their own JSON signature standards. This is what I'm proposing: https://lists.w3.org/Archives/Public/public-web-security/2015Oct/0009.html The proposal would (as a minimum) not be a format but rather an optional characteristic of JSON serializers. Cheers, Anders
Received on Saturday, 17 October 2015 07:23:30 UTC