IETF Logo Mail Archive

Re: [jose] Does JWS signature relate with JWS payload?

Beth Lee <bethleekor@gmail.com> Fri, 23 February 2018 09:14 UTC

Return-Path: <bethleekor@gmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7A52126BF0 for <jose@ietfa.amsl.com>; Fri, 23 Feb 2018 01:14:06 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iEvuoexf46uT for <jose@ietfa.amsl.com>; Fri, 23 Feb 2018 01:14:05 -0800 (PST)
Received: from mail-qk0-x231.google.com (mail-qk0-x231.google.com [IPv6:2607:f8b0:400d:c09::231]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DE2331243FE for <jose@ietf.org>; Fri, 23 Feb 2018 01:14:04 -0800 (PST)
Received: by mail-qk0-x231.google.com with SMTP id s198so9989606qke.5 for <jose@ietf.org>; Fri, 23 Feb 2018 01:14:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=Hg6kTkYVLtEP2wkbWsoI/pFnUB5H/8be1cpwrI7T6Lw=; b=jFSwc6S1I3D4L7Qlfym1gtCb9eTSJFIS47gEmgob5LHcOIqOlK3TCAZgpuzfBI38Wq 1zIf4j/N/THmF2YKsXW5ofGhfw+8ZcvsTb3UvPC3f7l9qww985sQiXncMfFXz1s9XXNQ uRMMB9kvpcXZOQU0CNa02CHzyk9GXRiF8X6f1UEROUtnyBoI/WyHoGPIj/cA2PlXgQ2s ix2kRGLFboDPDohQuZgJGHVkP/t80/MzNYm4xyOrhVGVXFu6UdWnIOLqeHiurcWp4iLs M3+MQPa0aOTZ/8+33/LPDAaB+s+qp61OBWmLKNiw79bHsAOK6KDTMf+U9JhAsI9dYucC Q/lA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=Hg6kTkYVLtEP2wkbWsoI/pFnUB5H/8be1cpwrI7T6Lw=; b=ledyUiL7HpMNR9ImMuoNOvsj7BU6DQ9ILj2Q44igdciDtuV26EnDR7/Asl82MdNSzU H30+r6io2NJsWcb/+0SXnjagYAFnzTGQjLh1Ok6ifyQpg1/i/Hk4VfiClfNlxycbwc5o j3PScBvGKjBxb4hF2+eBrt50HlFKYZpzKLQYzx/uq+Y0dwDbRTQK4oiq6rkSTa7NGote kNsWbb+ktNaqEE61WaoIBS3avKQ5h2GkMAZHjOqCSasTa1ExnZwEAFXx5nFhdZSzWzrG e6Kp/73Kmg7o1k/MRkYHPp02iRT0lWbwf/grp/AQPp8dfVWobxDkrAkr41ydaaj37Dg6 49Eg==
X-Gm-Message-State: APf1xPBiVyIV9QKCZIVHlHrvUfLBGboCd3EKgPDgHX0YSMezBouu6kJS Ioj8AYZHFwGI5DuYPCb2bAYqrPHaknUMlgNGa8U=
X-Google-Smtp-Source: AG47ELuhUGHXB3YBnBlzKq7u/QxLbQ1ybzQx//N3GjimctGEi4p8st4nfS0AzT1ywxb3H5zjebZfIhp1HQ9ptdTXdGM=
X-Received: by 10.55.94.4 with SMTP id s4mr1560805qkb.156.1519377244066; Fri, 23 Feb 2018 01:14:04 -0800 (PST)
MIME-Version: 1.0
Received: by 10.237.53.27 with HTTP; Fri, 23 Feb 2018 01:14:03 -0800 (PST)
In-Reply-To: <TY1PR01MB105491BDB54998934A7DE0A5F9CC0@TY1PR01MB1054.jpnprd01.prod.outlook.com>
References: <CADawRBY8RMfMBbMS3maef1_q9nADUz6qzM-SvzhWzkn4+Uc-tQ@mail.gmail.com> <TY1PR01MB105491BDB54998934A7DE0A5F9CC0@TY1PR01MB1054.jpnprd01.prod.outlook.com>
From: Beth Lee <bethleekor@gmail.com>
Date: Fri, 23 Feb 2018 18:14:03 +0900
Message-ID: <CADawRBb-hd6_y9kjE5mxN4Lnd_4BnUTXTktoHO5ZwEYsmhnXAg@mail.gmail.com>
To: n-sakimura <n-sakimura@nri.co.jp>
Cc: "jose@ietf.org" <jose@ietf.org>
Content-Type: multipart/alternative; boundary="001a114e632ae9988a0565dd94b7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/43Rgeijs0uiaWwwrHU-ml7lLdzc>
X-Mailman-Approved-At: Fri, 23 Feb 2018 08:28:38 -0800
Subject: Re: [jose] Does JWS signature relate with JWS payload?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Feb 2018 09:14:06 -0000

Thank you so much for answering my question.

Finally, I can solve my question.

Thank you again.

Best regards,
Jin.

2018-02-23 15:02 GMT+09:00 n-sakimura <n-sakimura@nri.co.jp>:

> Hi
>
>
>
> JWS Signature is the signature only. It does not repeat the payload.
>
>
>
> Best,
>
>
>
> Nat Sakimura
>
>
>
> *From:* jose [mailto:jose-bounces@ietf.org] *On Behalf Of *Beth Lee
> *Sent:* Thursday, February 22, 2018 11:36 AM
> *To:* jose@ietf.org
> *Subject:* [jose] Does JWS signature relate with JWS payload?
>
>
>
> Hi. I'm Jin.
>
>
>
> I have curious about JWS signatrue in JWT.
>
>
>
> I already read the JWT spec inforation from https://www.rfc-editor.org/
> rfc/rfc7515.txt
>
> But I'm still confusted about JWS signatrue contains or relate with JWS
> Payload value or not.
>
>
>
> I knew that JWT contained with 3 part. (JOSE Header, JWS Payload, JWS
> Signatrue)
>
>
>
> When I read the spec information.
>
> I understood that JWS signature value doesn't contain the JWS payload
> value.
>
>
>
> Am I right? Then how can I check data integrity based on JSW signature ?
>
> (I guess I'm not right.)
>
>
>
> I really want to solve my question but I can't reache the answers.
>
>
>
> So please give me some advice.
>
>
>
> Best regards,
>
> Jin
>

v2.23.0 | Report a Bug | By Email