OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

dss-x-comment message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: JOSE Signatures added. Re: Local signatures using WebCrypto++

The IETF and W3C claims that all parameter- and message- data MUST be Base64-encoded
in a credible signature scheme.  I guess this is the opposite to XML DSig which builds
on an extremely elaborate (and provably brittle) canonicalization scheme.

Personally I have found that if you do certain (IMO "reasonable") assumptions
about JSON parsers, you can get away from both Base64 and canonicalization.

Anyway, the demo now runs all three different approaches just in case :-)

On 2014-11-19 18:07, Anders Rundgren wrote:
The following demo application shows another take on local signatures:

The core concept also supports "untrusted" requesters like merchants:

WebCrypto++ (if ever realized) requires massive changes in the underpinning
client platforms, but it is fairly easy writing code for such applications :-|

Anyway, Microsoft has also put out a proposal in this space
so it seems that local signatures are getting more attention that before.

Anders Rungren

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]