[jose] signing an existing JWT

Dick Hardt <dick.hardt@gmail.com> Mon, 29 October 2012 15:57 UTC

From: Dick Hardt <dick.hardt@gmail.com>
Message-Id: <E49DC4E2-6F5F-4C84-955F-BE3EE9EE34A9@gmail.com>
Date: Mon, 29 Oct 2012 08:57:11 -0700
To: jose@ietf.org
Subject: [jose] signing an existing JWT

Let's say we have created a JWE as such:

	headerOne.encryptedKeyOne.initializationVectorOne.ciphertextOne.integrityVectorOne

This is now the payload to a JWS. Rather than increasing the token size by 4/3 by URL-safe base64 encoding the payload (since it is already URL-safe), it would be useful to have a JWS header parameter that indicates the payload was not re-encoded and does not need to be URL-safe base64 decoded.

As there are more periods than expected in a JWS, decoding would ignore all periods except the first and last one for separating out the header, payload and signature.

The indicating parameter would seem to be either "typ" or "cty". I'm still confused about the difference between the two parameters, so not sure which one is appropriate.

-- Dick
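The scheme described in this message, as an added example that is not part of the original post or of any JOSE draft: a JWS (HS256, Python standard library only) whose payload is placed in the token verbatim instead of being base64url-encoded, with a header flag telling the verifier not to decode it, and a verifier that splits on the first and last period only so the periods inside the nested token survive. Assumptions: the flag is named "b64" (the name RFC 7797 later standardized for exactly this idea) and is listed in "crit" so that a verifier that does not understand it fails closed rather than base64url-decoding a JWE; the five-segment "JWE" is a constructed placeholder of base64url-looking segments, not real encryption.

```python
import base64
import hashlib
import hmac
import json

# Header parameters this verifier understands when listed in "crit".
# Assumption: "b64" is the flag name (RFC 7797 chose the same name).
SUPPORTED_CRIT = {"b64"}
# Characters allowed in an unencoded payload: base64url segments joined by periods.
URL_SAFE = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_.")


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def constructed_jwe() -> str:
    """A placeholder five-segment JWE compact serialization (constructed, not encrypted)."""
    parts = [b'{"alg":"RSA1_5","enc":"A128CBC-HS256"}', b"encrypted-key",
             b"initialization-vector", b"ciphertext", b"integrity-value"]
    return ".".join(b64url_encode(p) for p in parts)


def sign_hs256(key: bytes, payload: bytes, encode_payload: bool = True) -> str:
    """Return a JWS compact serialization over payload.

    With encode_payload=False the payload goes into the token as-is (it must
    already be URL-safe) and the header carries "b64": false plus
    "crit": ["b64"] so verifiers that do not know the flag must reject the token.
    """
    header = {"alg": "HS256"}
    if encode_payload:
        payload_segment = b64url_encode(payload)
    else:
        payload_segment = payload.decode("ascii")
        if not set(payload_segment) <= URL_SAFE:
            raise ValueError("unencoded payload must be URL-safe")
        header["b64"] = False
        header["crit"] = ["b64"]
    header_segment = b64url_encode(json.dumps(header, separators=(",", ":")).encode())
    signing_input = f"{header_segment}.{payload_segment}".encode("ascii")
    signature = hmac.new(key, signing_input, hashlib.sha256).digest()
    return f"{header_segment}.{payload_segment}.{b64url_encode(signature)}"


def verify_hs256(key: bytes, token: str) -> tuple[dict, bytes]:
    """Verify a JWS and return (header, payload); raises ValueError on failure."""
    # Split on the FIRST and LAST period only: an unencoded payload may contain periods.
    header_segment, rest = token.split(".", 1)
    payload_segment, signature_segment = rest.rsplit(".", 1)

    header = json.loads(b64url_decode(header_segment))
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg")
    # Fail closed on any critical extension we do not implement.
    unknown = set(header.get("crit", [])) - SUPPORTED_CRIT
    if unknown:
        raise ValueError(f"unsupported critical header parameters: {sorted(unknown)}")

    # The signature always covers the header and payload segments exactly as they
    # appear in the token, so the encoding flag cannot be stripped without detection.
    signing_input = f"{header_segment}.{payload_segment}".encode("ascii")
    expected = hmac.new(key, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(signature_segment)):
        raise ValueError("bad signature")

    if header.get("b64", True) is False:
        if not set(payload_segment) <= URL_SAFE:
            raise ValueError("unencoded payload is not URL-safe")
        return header, payload_segment.encode("ascii")
    return header, b64url_decode(payload_segment)


if __name__ == "__main__":
    key = b"constructed-demo-key"          # constructed; never hard-code real keys
    jwe = constructed_jwe()
    wrapped = sign_hs256(key, jwe.encode("ascii"), encode_payload=False)
    print("segments if split naively on '.':", len(wrapped.split(".")))   # 7
    print("unencoded token length:", len(wrapped))
    print("re-encoded token length:", len(sign_hs256(key, jwe.encode("ascii"))))
    header, payload = verify_hs256(key, wrapped)
    print("recovered JWE matches:", payload.decode("ascii") == jwe)
```

The signing input is the two segments as they appear on the wire, so the verifier recomputes the MAC before it looks at "b64"; rejecting unknown "crit" entries is what keeps an older verifier from silently base64url-decoding a JWE string and treating the garbage as the payload.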