[jose] Enveloped JSON signatures
Anders Rundgren <anders.rundgren@telia.com> Thu, 18 July 2013 08:45 UTC
Hi,

I'm hooked on enveloped signatures in XML. I'm considering dropping XML for JSON.

I guess enveloped signatures won't be a part of JWS?

Why enveloped signatures you may wonder? Well, in most schemes the root/top element is the message/type indicator and it is of course nice if a signature can cover the entire message.

thanx
Anders

<ProvisioningInitializationResponse Attestation="NxcMqBJGQi...hcKoS2wPQm7rvRc="
                                    ClientTime="2013-07-09T18:13:52+02:00"
                                    ID="C-13fc435e15fe1f9c7534beb0a08"
                                    ServerSessionID="S-13fc435e0099bb7345b0bf57a85"
                                    ServerTime="2013-07-09T18:13:52+02:00"
                                    xmlns="http://xmlns.webpki.org/keygen2/beta/20121228#"
                                    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                                    xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
  <ClientEphemeralKey>
    <ds11:ECKeyValue>
      <ds11:NamedCurve URI="urn:oid:1.2.840.10045.3.1.7"/>
      <ds11:PublicKey>BEdD3W6GslfY/AVEkRTD8MqT2R24iYnb+qvs2zP8PWXfecMNioEYR5P1VWPnKLPbRm1JMWPNrgBcTrBPebJ0eKc=</ds11:PublicKey>
    </ds11:ECKeyValue>
  </ClientEphemeralKey>
  <DeviceCertificatePath>
    <ds:X509Data>
      <ds:X509Certificate>MIIC2DCCAcCgAwIBAg...xtVD5cD1Gcn7KNdcJfLt</ds:X509Certificate>
    </ds:X509Data>
  </DeviceCertificatePath>
  <ds:Signature>
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#hmac-sha256"/>
      <ds:Reference URI="#C-13fc435e15fe1f9c7534beb0a08">
        <ds:Transforms>
          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
        <ds:DigestValue>bQymGISGazFazPrSFcl45YrUBYPzF1sZ1O+29zpfx+w=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>ZN1QM20uWIfHd4rloiqtQqRRf6jAgifcFlzNxqlnk84=</ds:SignatureValue>
    <ds:KeyInfo>
      <ds:KeyName>derived-session-key</ds:KeyName>
    </ds:KeyInfo>
  </ds:Signature>
</ProvisioningInitializationResponse>
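An added example, not part of the original message and not JWS: a minimal enveloped JSON signature that mirrors the HMAC-SHA256 enveloped XML signature above, with the signature carried inside the object it protects. The `signature` member name, its fields, the sorted-key canonical form, the key and the JSON sample are assumptions made for this illustration.

```python
import base64
import hashlib
import hmac
import json

SIG_MEMBER = "signature"  # hypothetical member name, not defined by JWS

# Constructed JSON analogue of the XML message (values are sample data).
SAMPLE = {"type": "ProvisioningInitializationResponse",
          "id": "C-13fc435e15fe1f9c7534beb0a08",
          "clientTime": "2013-07-09T18:13:52+02:00"}


def canonical(obj: dict) -> bytes:
    # Assumed canonical form: sorted keys, no insignificant whitespace, UTF-8.
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def sign_enveloped(message: dict, key: bytes, key_name: str) -> dict:
    """Return a copy of message with an embedded signature member."""
    if SIG_MEMBER in message:
        raise ValueError("message already carries a signature member")
    signed = dict(message)
    # Algorithm and key name are covered by the MAC; only the value itself
    # is left out, as the enveloped-signature transform does in XML DSig.
    header = {"algorithm": "HS256", "keyName": key_name}
    signed[SIG_MEMBER] = header
    mac = hmac.new(key, canonical(signed), hashlib.sha256).digest()
    signed[SIG_MEMBER] = dict(header, value=base64.b64encode(mac).decode("ascii"))
    return signed


def verify_enveloped(signed: dict, key: bytes) -> bool:
    sig = signed.get(SIG_MEMBER)
    if not isinstance(sig, dict) or sig.get("algorithm") != "HS256":
        return False  # refuse a missing signature or an unexpected algorithm
    value = sig.get("value")
    if not isinstance(value, str):
        return False
    try:
        claimed = base64.b64decode(value, validate=True)
    except ValueError:
        return False
    unsigned = dict(signed)
    unsigned[SIG_MEMBER] = {k: v for k, v in sig.items() if k != "value"}
    expected = hmac.new(key, canonical(unsigned), hashlib.sha256).digest()
    return hmac.compare_digest(expected, claimed)
```

Because the top-level type indicator is inside the signed bytes, changing it (or the algorithm and key name) invalidates the MAC, which is the property the message asks for.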