Re: [dispatch] Other uses of JCS (JSON Canonicalization Scheme)

Anders Rundgren <anders.rundgren.net@gmail.com> Mon, 20 May 2019 06:30 UTC

To: Anton Tveretin <tveretinas@yandex.ru>
Cc: DISPATCH list <dispatch@ietf.org>
References: <5926571558292225@myt1-bc8ef50fb490.qloud-c.yandex.net>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Message-ID: <dcbb96ab-fdb7-deb4-1022-a9496e5b7c13@gmail.com>
Date: Mon, 20 May 2019 08:30:27 +0200
In-Reply-To: <5926571558292225@myt1-bc8ef50fb490.qloud-c.yandex.net>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/pdOAfVFBNXOChXbv6Y9r9gD-NCU>
Subject: Re: [dispatch] Other uses of JCS (JSON Canonicalization Scheme)

On 2019-05-19 20:57, Anton Tveretin wrote:
Hi Anton,
> This does not explain why anyone needs to inflate plain text documents of NGMTP-C9 [http://antontveretin.000webhostapp.com/ngmtp/] into JSON. 

If this http://antontveretin.000webhostapp.com/ngmtp/ngmtp_c9_cfdt.pdf is what you refer to I believe we are in different parts of the payment landscape.  Saturn is exclusively dealing with the authorization of payments including acquiring the information needed to get the actual payment system (backend) to perform its task.  These solutions are heavy into crypto and not particularly dense [1].

If you consider the four-corner model (Payee, Payee's Bank, Payer, Payer's Bank) all these entities must be identified and secured in some way and that piece of the pudding is completely on fire these days, particularly with respect to the Payer and Payee.


> And why does the data exchange bypass the (implied) payment system? As a payee, I need money and not "authorization".

Right, but before that can happen authorization must happen in some way. This one-page "blueprint" illustrates the steps in my original posting:
https://cyberphone.github.io/doc/saturn/saturn-authorization.pdf


> Of course, there is nothing wrong with JCS and its usage. Maybe I will incorporate it into the next version of the NGMTP-C9, or conversely.

This year the EU PSD2 directive comes into force, which is intended to open the payment market.  Since the directive was written by lawyers with minimal knowledge of what is technically and commercially possible, it seems like an excellent opportunity to put new things to work, including JCS.  A bunch of IETFers are "retrofitting" OAuth for this market and purpose while I'm rather "upgrading" the card concept [2].

If you or anybody else want to discuss payment [authorization] systems, please contact me privately.

thanx,
Anders

1] Authentic sample of step #3 in the "blueprint".  It features a JCS-enhanced version of JWE providing encryption metadata in clear.

{
   "@context": "https://webpki.github.io/saturn/v3",
   "@qualifier": "PayerAuthorization",
   "providerAuthorityUrl": "https://mobilepki.org/webpay-payerbank/authority",
   "paymentMethod": "https://bankdirect.net",
   "encryptedAuthorization": {
     "algorithm": "A256GCM",
     "encryptedKey": {
       "algorithm": "ECDH-ES",
       "publicKey": {
         "kty": "EC",
         "crv": "P-256",
         "x": "TfCrhFwZRU_ea7lUWwRi3HkuyT2yF9IxN5xKh2khjlk",
         "y": "nZFwxLP0TvFXD2xPKzRTIGevgLjpiMw2BP86hszj5x4"
       },
       "ephemeralKey": {
         "kty": "EC",
         "crv": "P-256",
         "x": "KZX-u1p40KGQpWreSdLRa8qUfa8jV6FNXe9AAhxE7MI",
         "y": "NOPuK5tgM8BPZB5xHAGzK7R609RnLHYA-le_3vrKdmE"
       }
     },
     "iv": "5cU6d7DgjRKQy87h",
     "tag": "daSM2zkSuXvk5sD2_fB5TQ",
     "cipherText": "LHJabqaB0ZCHOmnxuWiEHNZDNCabMg4Zkw8X7Uy4xvFYmV80Z7NtNg9auiX8dzRGYxdtXmzQXJZeMMen5jmn6jcw6v0p9uaGoGkIxMT3Clwp2elnJYHgz0iJU5aKfxHm6ArF77Jn45YrAF0ur9MbD3a-sZL6OG5w91rS4xOVvjXkqhtuxBTygkHgXovhHWfMqiW2f6C0-nBbwWvdyZ7FCNM7acaPRlrUsvkkZe8KNviJpn7Rh8LXDR8TV-ycH05kET4pnGFvvM4qAs9qyqNyQa4ppz7V0dWFs8OSKbNqliPSaehIhcgKH4m1fD58IU2xMAmjTLAOAHpNRIwdeYic_P9Lx1FYrIEj-5snaqwyrXIxiOEHUPa_K0VzyE2LyP_lFecw0e3dzsivT59Oi6aE9RdNuKw09TtRqYE6ljYlxRTtfuZw8ySpfMxhN1syEA34r0U7utb9ToDhjaRsoSqF_DE1ExFFaFu0OMLOmlq947nc11zNRaPyuALRpe4Qb1niGE5Y-FQAluz0KMCP5CXBLC6zM0VfgodImH536PZifJ_aHvYsn-GEVyC9AamG_LkUgR4b8Zm3bLsTfcWUngNiirZgQErsrfK2VIT54VKkB9LOlC-uDtiaPstYRyL31IPCAp6uIgiDUYzGZNUltLIlSsUNJkzM9DNSiO9SpLoLBT94BHz66r4ebcIPfzeCC1Lt-7YyW9vTF5aBQqIZrD9eh6hhl2vs8rXqJqnEcNUv8X_Xce3t8H5H73XVpgYAiMQ98_imPozrSpIVp0R8TPBtIY93fy1BvEQXzIYKxx0HLv-JfmJ-KQLNggVd3LvuDrJE-t2PfPWDCwXDk-ukIPNaWQWwk5seMURfBVqZKmp3"
   }
}

2] Web UI emulator: https://cyberphone.github.io/doc/saturn/ui-demo
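The footnote above relies on JCS giving a JSON object such as the clear-text encryption metadata a single byte representation that a signature or integrity check can cover. As an added illustration, not code from this mail or from Saturn, here is a minimal JCS (now RFC 8785) canonicalizer in Python: property names sorted by UTF-16 code units, no whitespace, JSON string escaping, and ES6 number formatting; the two sample inputs are constructed from fields of the object quoted in the mail.

```python
import hashlib, json, math
from decimal import Decimal

def es6_number(x):
    """Format a number as ES6 Number.prototype.toString does (the JCS rule)."""
    x = float(x)  # JCS treats every JSON number as an IEEE-754 double
    if math.isnan(x) or math.isinf(x):
        raise ValueError("NaN and Infinity are not permitted in JCS")
    if x == 0:
        return "0"  # also maps -0.0 to "0"
    d = Decimal(repr(abs(x))).normalize()  # shortest round-trip digits
    digits = "".join(map(str, d.as_tuple().digits))
    k, n = len(digits), len(digits) + d.as_tuple().exponent
    if k <= n <= 21:
        body = digits + "0" * (n - k)          # e.g. 1e16 -> "10000000000000000"
    elif 0 < n <= 21:
        body = digits[:n] + "." + digits[n:]  # e.g. "3.14"
    elif -6 < n <= 0:
        body = "0." + "0" * -n + digits       # e.g. "0.000001"
    else:
        mant = digits if k == 1 else digits[0] + "." + digits[1:]
        body = "%se%+d" % (mant, n - 1)       # e.g. "1e+21", "1e-7"
    return ("-" if x < 0 else "") + body

def canonicalize(value):
    """JCS serialization of a parsed JSON value."""
    if value is None or isinstance(value, bool):
        return json.dumps(value)
    if isinstance(value, (int, float)):
        return es6_number(value)
    if isinstance(value, str):
        return json.dumps(value, ensure_ascii=False)  # JCS string escaping
    if isinstance(value, list):
        return "[" + ",".join(map(canonicalize, value)) + "]"
    if isinstance(value, dict):
        # property names sort by UTF-16 code units, not by Unicode code point
        items = sorted(value.items(), key=lambda kv: kv[0].encode("utf-16-be"))
        return "{" + ",".join(canonicalize(k) + ":" + canonicalize(v) for k, v in items) + "}"
    raise TypeError("unsupported JSON type: %s" % type(value).__name__)

def canonical_sha256(json_text):
    """Parse JSON in any layout and hash its JCS form (hex digest)."""
    return hashlib.sha256(canonicalize(json.loads(json_text)).encode()).hexdigest()

# Constructed inputs: the clear-text metadata from the mail's sample object,
# once in its original layout and once reordered and re-spaced.
SAMPLE_A = '{"algorithm": "A256GCM", "iv": "5cU6d7DgjRKQy87h", "tag": "daSM2zkSuXvk5sD2_fB5TQ"}'
SAMPLE_B = '{ "tag":"daSM2zkSuXvk5sD2_fB5TQ",\n "iv" : "5cU6d7DgjRKQy87h", "algorithm":"A256GCM" }'
```

Both samples canonicalize to the same bytes and therefore the same digest, which is what lets metadata travel in clear text alongside the protected payload without the receiver having to trust the sender's formatting.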