Re: [jose] Reducing the size of JWS payloads

Dirkjan Ochtman <> Wed, 19 December 2012 08:25 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 05DAB21F8594 for <>; Wed, 19 Dec 2012 00:25:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.977
X-Spam-Status: No, score=-2.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-1]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Gxy34y9nLQgt for <>; Wed, 19 Dec 2012 00:25:03 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id A9FC821F8A94 for <>; Wed, 19 Dec 2012 00:25:02 -0800 (PST)
Received: by with SMTP id b23so1998838vbz.12 for <>; Wed, 19 Dec 2012 00:25:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type :content-transfer-encoding; bh=bUZ5lULWZyOOalXbz/tOcOOtwnd4ZZBJmWZQWHqjWNw=; b=j8/10DzYTuvbvi8AqPlmSvXs2p99j26IGDQX2FwFlCujoTQGlyjW96iN1fZQfBAfce 8jOsoGkycswA1ueB98PvR/nrtdRF3GsBq4+ZNmtVM8qMTFvZ5N43mV7IN+y3Uyz38Mpp A0Wd0lC2tA9XNVHFAlDL2e+3dPjKTAPUB95uDW389FNkT11liQbExIs7P30oiWu6Jfeu kHI5kpF7mQZrQPxDEbEfEb9MbRiIZhcCjc7LU+KITr2GtSleLNg0Ss/34CWr5LGmwBwG oG6FYvGI2JZpcO3FUhIZ0+GmIDh91oxJPGHYz+gOpvF9N4EZSUTpxXYB7mcKZno7zlUQ qeeg==
Received: by with SMTP id d4mr6580954vdj.6.1355905502075; Wed, 19 Dec 2012 00:25:02 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Wed, 19 Dec 2012 00:24:42 -0800 (PST)
In-Reply-To: <>
References: <>
From: Dirkjan Ochtman <>
Date: Wed, 19 Dec 2012 09:24:42 +0100
X-Google-Sender-Auth: fYqKehN4RdaW9LGgkZ_jxIKl3vk
Message-ID: <>
To: Mike Jones <>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Cc: "" <>, Dick Hardt <>
Subject: Re: [jose] Reducing the size of JWS payloads
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Javascript Object Signing and Encryption <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 19 Dec 2012 08:25:04 -0000

On Wed, Dec 19, 2012 at 3:26 AM, Mike Jones <> wrote:
> QUESTION TO WORKING GROUP:  I'm curious whether people would like to see us enable avoiding double base64encoding of JWS payloads when they are already URL-safe.  The space savings are significant; they come at the cost of the JWS parsing becoming [part before first period . part between first and last period . part after last period] rather than the current [part before first period . part between first and second period . part after second period (with no other periods allowed)].  Opinions?

Personally, I think it would make sense to use a more orthogonal and
general encoding of possible strategies, by doing something like
HTTP's Transfer-Encoding. The transfer encoding could express any of
'deflate', 'non-b64u', 'b64u', 'deflate-b64u', and possibly other
compression algorithms (snappy?). This allows flexibility for specific
cases like a JWE value as JWS payload and larger payloads.