Re: Upgraded JSON Signature System

On 2013-12-31 22:47, Frederick.Hirsch@nokia.com wrote:

Thanx Frederick,
I have updated the URL and authors section now:

https://openkeystore.googlecode.com/svn/resources/trunk/docs/jcs.html#Reference.XMLDSIG

It seems that there's no standard for references :-(

Regarding JCS itself it seems that at least the JOSE people believe that canonicalization should be avoided at any cost.
I personally can't imagine base-64 encoding everything:

https://openkeystore.googlecode.com/svn/resources/trunk/docs/keygen2.html#Sample.ProvisioningInitializationResponse

Anders




> Anders
>
> You might wish to reference XML Signature 1.1 - there have been two W3C Recommendations published  since the version you reference (2nd Edition and 1.1) and the updates include algorithm additions, clarifications, updates related to attacks etc. 
>
> Changes in 1.1  are summarized here: http://www.w3.org/TR/2013/NOTE-xmldsig-core1-explain-20130411/
>
> Changes in 2nd edition are summarized here: http://www.w3.org/TR/2008/REC-xmldsig-core-20080610/explain.html
>
> RFC 6931 https://datatracker.ietf.org/doc/rfc6931/ and XML Security Algorithm Cross Reference http://www.w3.org/TR/2013/NOTE-xmlsec-algorithms-20130411/ may also be useful to you.
>
> The appropriate XML Signature 1.1  reference is
>
> XMLDSIG-CORE1]
> D. Eastlake; J. Reagle; D. Solo; F. Hirsch; T. Roessler; K. Yiu. XML Signature Syntax and Processing Version 1.1. 11 April 2013. W3C Recommendation. URL: http://www.w3.org/TR/2013/REC-xmldsig-core1-20130411/
>
>
> regards, Frederick
>
> Frederick Hirsch
> Nokia
>
>
>
> On Dec 20, 2013, at 10:58 PM, ext Anders Rundgren wrote:
>
>> https://openkeystore.googlecode.com/svn/resources/trunk/docs/jcs.html
>> http://webpki.org/downloads/secure-json-4-android-v1.00.zip
>>
>> New and complete spec. in HTML5.
>>
>> Anders
>>

Received on Wednesday, 1 January 2014 07:21:29 UTC