[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: JOSE Signatures added. Re: Local signatures using WebCrypto++
The IETF and W3C claims that all parameter- and message- data MUST be Base64-encoded in a credible signature scheme. I guess this is the opposite to XML DSig which builds on an extremely elaborate (and provably brittle) canonicalization scheme. Personally I have found that if you do certain (IMO "reasonable") assumptions about JSON parsers, you can get away from both Base64 and canonicalization. Anyway, the demo now runs all three different approaches just in case :-) On 2014-11-19 18:07, Anders Rundgren wrote:
F.Y.I. The following demo application shows another take on local signatures: https://mobilepki.org/WCPPSignatureDemo The core concept also supports "untrusted" requesters like merchants: https://mobilepki.org/WebCryptoPlusPlus WebCrypto++ (if ever realized) requires massive changes in the underpinning client platforms, but it is fairly easy writing code for such applications :-| Anyway, Microsoft has also put out a proposal in this space https://www.w3.org/2012/webcrypto/wiki/images/d/dd/CertAndKey_Management_Requirements_for_WebCrypto_microsoft.pdf so it seems that local signatures are getting more attention that before. Cheers, Anders Rungren
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]