Re: [jose] "x5c" - JSON Compatible?

Anders Rundgren <anders.rundgren.net@gmail.com> Tue, 13 January 2015 18:53 UTC


On 2015-01-13 19:33, Mike Jones wrote:
> We should add the standard disclaimer “(with line breaks within values for display purposes only)” to the description of the example.

Hi Mike,
I would consider something along these lines since Base64 differs from
the other elements:

    The JSON array below is an example of a certificate chain that could
    be used as the value of an "x5c" (X.509 Certificate Chain) Header
    Parameter, per Section 4.1.6.  Note that since these strings contain
    base64 encoded (not base64url encoded) values, they are allowed to
    contain white space and line breaks but JSON [RFC7159] character
    escape rules MUST still be honored.  In the example line breaks
    were added for display purposes only.

      ["MIIE3jCCA8agAwIBAgICAwEwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCVVM
        xITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR2
        8gRGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjExM


Anders

>
>                                                              -- Mike
>
> *From:*jose [mailto:jose-bounces@ietf.org] *On Behalf Of *Mark Watson
> *Sent:* Tuesday, January 13, 2015 8:53 AM
> *To:* Anders Rundgren
> *Cc:* Richard Barnes; jose@ietf.org
> *Subject:* Re: [jose] "x5c" - JSON Compatible?
>
> On Tue, Jan 13, 2015 at 4:13 AM, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
>
> On 2015-01-13 12:35, Richard Barnes wrote:
>
>
>
> On Tuesday, January 13, 2015, Anders Rundgren <anders.rundgren.net@gmail.com> wrote:
>
>      The spec claims the following:
>
>         "Note that since these strings contain base64 encoded
>         (not base64url encoded) values, they are allowed to contain
>         white space and line breaks."
>
>      Is this really JSON compliant?
>
>      I didn't interpret the JSON spec in that way and Python and Chrome seem to agree with me.
>
>      What am I missing here?
>
>
> Are you seriously suggesting that JSON strings can't contain white space?
>
> Control characters have to be escaped, but they can definitely be there.
>
> JSON.parse('["this is...\\u000A...a string"]')
>
>
> Sure, but the example in appendix B wouldn't parse.
> Shouldn't a proper text say that possible line-breaks MUST be properly escaped?
>
> Line breaks in JSON do have to be escaped, either as above or with \r \n. This is clear at www.json.org.
>
> …Mark
>
>
>     Anders
>
>
>     --Richard
>
>
>          Cheers
>          Anders
>
>          _______________________________________________
>          jose mailing list
>          jose@ietf.org
>          https://www.ietf.org/mailman/listinfo/jose
>
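The distinction discussed in this thread, as an added example that is not part of the original messages: a JSON parser rejects a literal line break inside an "x5c" string, while the escaped form parses and the base64 layer then discards the white space. The `parseX5c` and `outcome` helpers are hypothetical names, and the sample is a constructed 24-character prefix of the draft's example string, not a complete certificate.

```javascript
// Constructed sample: the first 24 base64 characters of the draft's example,
// split in two. It is a truncated prefix, not a complete certificate.
const PART1 = 'MIIE3jCCA8ag';
const PART2 = 'AwIBAgICAwEw';

// As displayed in the draft: a literal line break inside the JSON string.
const rawBreak = '["' + PART1 + '\n' + PART2 + '"]';
// Same value with the line break escaped as the two characters \ and n.
const escapedBreak = '["' + PART1 + '\\n' + PART2 + '"]';
// Same value with no line break at all.
const unbroken = '["' + PART1 + PART2 + '"]';

// Parse an "x5c" JSON array into byte buffers (hypothetical helper).
// Throws SyntaxError on invalid JSON, TypeError or RangeError on bad entries.
function parseX5c(jsonText) {
  const chain = JSON.parse(jsonText);
  if (!Array.isArray(chain) || chain.length === 0) {
    throw new TypeError('x5c must be a non-empty array');
  }
  return chain.map((entry, i) => {
    if (typeof entry !== 'string') {
      throw new TypeError(`x5c[${i}] is not a string`);
    }
    // base64 tolerates white space, so drop it before validating.
    const b64 = entry.replace(/\s+/g, '');
    // Standard alphabet only: base64url characters (- and _) are rejected.
    if (!/^[A-Za-z0-9+/]*={0,2}$/.test(b64) || b64.length % 4 !== 0) {
      throw new RangeError(`x5c[${i}] is not standard base64`);
    }
    return Buffer.from(b64, 'base64');
  });
}

// Returns 'ok', or the name of the error thrown for the given JSON text.
function outcome(jsonText) {
  try { parseX5c(jsonText); return 'ok'; } catch (e) { return e.name; }
}

console.log('raw line break:    ', outcome(rawBreak));
console.log('escaped line break:', outcome(escapedBreak));
console.log('same bytes as unbroken:',
  parseX5c(escapedBreak)[0].equals(parseX5c(unbroken)[0]));
```
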