Re: [jose] Canonical JSON form

Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com> Thu, 11 October 2018 01:48 UTC

Return-Path: <kathleen.moriarty.ietf@gmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C190130DF9 for <jose@ietfa.amsl.com>; Wed, 10 Oct 2018 18:48:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VwPDUIiivUYD for <jose@ietfa.amsl.com>; Wed, 10 Oct 2018 18:48:15 -0700 (PDT)
Received: from mail-ot1-x32e.google.com (mail-ot1-x32e.google.com [IPv6:2607:f8b0:4864:20::32e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A44AA130DF6 for <jose@ietf.org>; Wed, 10 Oct 2018 18:48:15 -0700 (PDT)
Received: by mail-ot1-x32e.google.com with SMTP id w67so7347137ota.7 for <jose@ietf.org>; Wed, 10 Oct 2018 18:48:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=kDTy6VXx4ezu0XtHP9tk2lLzQZ2mSdwmnBg7De3r8+E=; b=QAHyUBcKRrv1qJ26vi2sQsbSvyucGLUuTDP8twQiQ2OzSDftaL7QWWYc3VxQMWgwXr 9fqim0HVAYiQlL8LbVXlWk5bBojC0Xi0LUx2KXfkN9cWzM5CtT0/6y7MYQZ1wNdcEP2g 0utxBpKqmNri7JYfLgiQxGRGMSGOTIlmidU+OTzh4oGvTacOLGIivybAFeQFBCyG085h H7JZpmuM0THqvJQ44MlefaGIcchp5OD2AbplQ5pcvfGEJYzHBUhXC4Brcg86Gfmx/Kto WB/AkZCgMNL7DCR/xvzlgEcCjM5L2yoYz2AGBDi60R3be63z0YpJhxpDCMZiLOuASZhS 61Jg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=kDTy6VXx4ezu0XtHP9tk2lLzQZ2mSdwmnBg7De3r8+E=; b=KB6nMJSvdwQK+gyTkArzqj1lAnPoAktNXx1NrB2D2Uf7U7KocbAEjtnbxEsSFshDOp Q7bZCvF5o+UREGJbA8+oc2++mg1WrR+RGiO3p4IvtbyJdyYWdnQcAMDCiMCxRp7Ck5V3 ianJS9EVaBlfDkEuPtXQsk8BsYrmvFa4eVOe0ovkSUhKj93eqMLawryvn31Z1WJdmgNx hHskFuRaTGB7/FU01SDeyP/ZgHTKRS3DtE91hgTjSiVnrjK1cldnG9etF95DDxEgAS/C 59bbkqdUR8bwo0jMCXbtkdnK2N9Aaw66IpjT2yHOtFaP4fcqGcoLw3mNufhOx98CYNFN jHpA==
X-Gm-Message-State: ABuFfoiiBsI2cakcdtWecjmHycIveBbGHI+B1FTgDLqjUgOLajObLChS pqp0vbzh673e9Xcsv3G1b68nqxEDiSB2KPJhUFU=
X-Google-Smtp-Source: ACcGV61ZHByGmlDqVJLH5pM0HryFhQTmMYNlnRaOxV0ugIvvIVp6AEMnPZA5kbofAzIIe16M5Mc99tlncuZd8zFbawQ=
X-Received: by 2002:a9d:61c3:: with SMTP id h3mr11831336otk.361.1539222495035; Wed, 10 Oct 2018 18:48:15 -0700 (PDT)
MIME-Version: 1.0
References: <12DD2F97-80C3-4606-9C6B-03F7A4BF19DE@gmail.com> <CAOASepNX4aYVmPWXyODn0E2Om_rimACPECqJBvZSOXVVd_p8LA@mail.gmail.com> <D21F3A95-0085-4DB7-A882-3496CC091B34@gmail.com> <CAOASepM=hB_k7Syqw4+b7L2vd6E_J0DSAAW0mHYdLExBZ6VBuw@mail.gmail.com> <00ad01d460f4$69ae8a00$3d0b9e00$@augustcellars.com> <8436AEE7-B25A-4538-B8F6-16D558D9A504@gmail.com> <MEAPR01MB35428606C09BF315DE04CC79E5E10@MEAPR01MB3542.ausprd01.prod.outlook.com>
In-Reply-To: <MEAPR01MB35428606C09BF315DE04CC79E5E10@MEAPR01MB3542.ausprd01.prod.outlook.com>
From: Kathleen Moriarty <kathleen.moriarty.ietf@gmail.com>
Date: Wed, 10 Oct 2018 21:47:38 -0400
Message-ID: <CAHbuEH6DCD7Zc+PK3TnCBkKv1esnROwyCcDb8ZR+TKwgQQ+yXQ@mail.gmail.com>
To: "Manger, James" <James.H.Manger@team.telstra.com>
Cc: Bret Jordan <jordan.ietf@gmail.com>, jose@ietf.org
Content-Type: multipart/alternative; boundary="0000000000000c11120577ea2a69"
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/u57Gh0Zy8CqdvlsfNFLQkNo_caI>
Subject: Re: [jose] Canonical JSON form
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Oct 2018 01:48:18 -0000

Bret,

You could define it within a draft in a different working group other than
JOSE and ask for reviewers from JOSE to review and comment to catch
problems.  Although already described above, there are issues with this and
JSON, which is why the WG didn't want to do canonicalization.

I'm assuming you want to do basically what was done for RID in XML using
JSON.  You may want to look at the set of possibilities to replicate as
they are all likely needed with what you are trying to do or just as part
of your gap analysis.

https://tools.ietf.org/html/rfc6545#section-9.1
Also look at 9.3.1 and 9.3.2 as you're likely to also need multi-hop
authentication too.

To David's point in the message that follows this (came in while typing),
RID signed portions of the message to enable interoperability and you are
likely to need to do very similar things that are described in RID related
to the policy work I had previously mentioned for your gap analysis as
being similar functionality.  If you haven't looked at that part of the
document, I think it will be helpful.

Best regards,
Kathleen



On Wed, Oct 10, 2018 at 8:29 PM Manger, James <
James.H.Manger@team.telstra.com> wrote:

> https://tools.ietf.org/html/draft-rundgren-json-canonicalization-scheme
>
> is a decent attempt at JSON canonicalization (and an appendix lists a few
> other attempts).
>
> This one sorts object members based on their UTF-16 encoding (without
> escapes), and assumes double precision floats is the model for numbers.
>
>
>
> --
>
> James Manger
>
>
>
> *From:* jose [mailto:jose-bounces@ietf.org] *On Behalf Of *Bret Jordan
> *Sent:* Thursday, 11 October 2018 11:02 AM
> *To:* Jim Schaad <ietf@augustcellars.com>
> *Cc:* Nathaniel McCallum <npmccallum@redhat.com>om>; jose@ietf.org
> *Subject:* Re: [jose] Canonical JSON form
>
>
>
>
> Other implementations say that you should preserver the order of the
> fields you read when serialized which is part of JSON for the browser
> implementations but not necessarily elsewhere.
>
>
>
> Preserving order is hard.  Depending on your programming language you
> might be deserializing the content in to a struct or you may be using a
> map.
>
>
>
> What I need is a way for individuals and organizations to be able to pass
> around and share JSON data and collaboratively work on that JSON data and
> sign the parts that they have done.
>
>
>
>
>
>
>
> Thanks,
>
> Bret
>
> PGP Fingerprint: 63B4 FC53 680A 6B7D 1447  F2C0 74F8 ACAE 7415 0050
>
> "Without cryptography vihv vivc ce xhrnrw, however, the only thing that
> can not be unscrambled is an egg."
>
>
>
>
> _______________________________________________
> jose mailing list
> jose@ietf.org
> https://www.ietf.org/mailman/listinfo/jose
>


-- 

Best regards,
Kathleen