Re: [jose] Canonical JSON form
Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Thu, 11 October 2018 01:48 UTC
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Wed, 10 Oct 2018 21:47:38 -0400
Message-ID: <CAHbuEH6DCD7Zc+PK3TnCBkKv1esnROwyCcDb8ZR+TKwgQQ+yXQ@mail.gmail.com>
To: "Manger, James" <James.H.Manger@team.telstra.com>
Cc: Bret Jordan <jordan.ietf@gmail.com>, jose@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/u57Gh0Zy8CqdvlsfNFLQkNo_caI>
Subject: Re: [jose] Canonical JSON form
Bret,

You could define it within a draft in a different working group other than JOSE and ask for reviewers from JOSE to review and comment to catch problems. Although already described above, there are issues with this and JSON, which is why the WG didn't want to do canonicalization.

I'm assuming you want to do basically what was done for RID in XML using JSON. You may want to look at the set of possibilities to replicate as they are all likely needed with what you are trying to do or just as part of your gap analysis.

https://tools.ietf.org/html/rfc6545#section-9.1

Also look at 9.3.1 and 9.3.2 as you're likely to also need multi-hop authentication too.

To David's point in the message that follows this (came in while typing), RID signed portions of the message to enable interoperability and you are likely to need to do very similar things that are described in RID related to the policy work I had previously mentioned for your gap analysis as being similar functionality. If you haven't looked at that part of the document, I think it will be helpful.

Best regards,
Kathleen

On Wed, Oct 10, 2018 at 8:29 PM Manger, James <James.H.Manger@team.telstra.com> wrote:

> https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme
> is a decent attempt at JSON canonicalization (and an appendix lists a few
> other attempts).
>
> This one sorts object members based on their UTF-16 encoding (without
> escapes), and assumes double precision floats is the model for numbers.
>
> --
> James Manger
>
> *From:* jose [mailto:jose-bounces@ietf.org] *On Behalf Of* Bret Jordan
> *Sent:* Thursday, 11 October 2018 11:02 AM
> *To:* Jim Schaad <ietf@augustcellars.com>
> *Cc:* Nathaniel McCallum <npmccallum@redhat.com>; jose@ietf.org
> *Subject:* Re: [jose] Canonical JSON form
>
> Other implementations say that you should preserve the order of the
> fields you read when serialized which is part of JSON for the browser
> implementations but not necessarily elsewhere.
>
> Preserving order is hard. Depending on your programming language you
> might be deserializing the content into a struct or you may be using a
> map.
>
> What I need is a way for individuals and organizations to be able to pass
> around and share JSON data and collaboratively work on that JSON data and
> sign the parts that they have done.
>
> Thanks,
> Bret
> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050
> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that
> can not be unscrambled is an egg."
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose

--
Best regards,
Kathleen
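The two rules quoted above (members sorted by UTF-16 encoding, numbers modelled as double-precision floats), as an added example that is not part of any message in this thread and is not the draft's reference code. The names `canonicalize` and `signingInput` and the sample documents are constructed for illustration; number and string output relies on JavaScript's own `JSON.stringify`.

```javascript
// Added illustration: deterministic serialization of a parsed JSON value.
// - object members sorted by the UTF-16 code units of their names
// - numbers printed in JavaScript's double-precision text form
// - no insignificant whitespace
function canonicalize(value) {
  if (value === null || typeof value !== 'object') {
    if (typeof value === 'number' && !Number.isFinite(value)) {
      throw new TypeError('NaN and Infinity cannot be represented in JSON');
    }
    return JSON.stringify(value);
  }
  if (Array.isArray(value)) {
    // Array order is significant and is kept as-is.
    return '[' + value.map(canonicalize).join(',') + ']';
  }
  // Array.prototype.sort() with no comparator orders strings by UTF-16
  // code unit, which differs from code point order for non-BMP characters.
  const names = Object.keys(value).sort();
  const members = names.map(
    (name) => JSON.stringify(name) + ':' + canonicalize(value[name])
  );
  return '{' + members.join(',') + '}';
}

// Bytes a signer or verifier would feed to the signature algorithm.
// Note: JSON.parse keeps only the last of any duplicate member names,
// so a strict verifier should reject duplicates before this step.
function signingInput(jsonText) {
  return Buffer.from(canonicalize(JSON.parse(jsonText)), 'utf8');
}

// Constructed samples: same data, different member order, whitespace
// and number spelling, as two parties' serializers might produce.
const docA = '{ "title": "report", "score": 1.0, "tags": ["x", 1e2] }';
const docB = '{"tags":["x",100],"score":1,"title":"report"}';

console.log(signingInput(docA).toString('utf8'));
console.log('raw bytes equal:      ', Buffer.from(docA).equals(Buffer.from(docB)));
console.log('canonical bytes equal:', signingInput(docA).equals(signingInput(docB)));
```

Signing `signingInput(...)` instead of the received text is what lets a party that deserialized into a map and re-serialized still verify a signature made by someone else.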