[jose] Does JWS signature relate with JWS payload?
Beth Lee <bethleekor@gmail.com> Thu, 22 February 2018 02:35 UTC
Return-Path: <bethleekor@gmail.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2D6D212E854 for <jose@ietfa.amsl.com>; Wed, 21 Feb 2018 18:35:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id J8Aw8WPEIOrl for <jose@ietfa.amsl.com>; Wed, 21 Feb 2018 18:35:42 -0800 (PST)
Received: from mail-qt0-x232.google.com (mail-qt0-x232.google.com [IPv6:2607:f8b0:400d:c0d::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 64BE9126CC4 for <jose@ietf.org>; Wed, 21 Feb 2018 18:35:42 -0800 (PST)
Received: by mail-qt0-x232.google.com with SMTP id c7so4595127qtn.3 for <jose@ietf.org>; Wed, 21 Feb 2018 18:35:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=t3Uoxhve34SEetu001FBwLUmMtD4+9sa7ESFsv9KuF4=; b=SwhLYyIqPe3mS5WZQkspl0pmZxsLyp5CmzOq+IlQnP/YbMdvzgoMX1KBwZX8L0DKXo P48Dd3Re/eVDvdGaUhuxBMeI9kwW/h91GA9aAKVEcQfty+UlvppBZVvvybf2xvdqYgmB ycIFIJpJKEXS3WcNVz8BCF6IMzL9ljuLUpug2fXqe0Ab9zY+jD8m1rtuxNsSn247KAN2 vnfETTCppOXMdwj/mO0ezw3nLubIkgKDhicxwTu90/QNPqsMGPbrDIZwnllzxSIKWkhN MPhoRkX2M6TFmzN3fm/b6jc1doye+2kEtjWCwfJ35BGEUEwC39tMOgR/3/nOzxKscpn3 TkQQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=t3Uoxhve34SEetu001FBwLUmMtD4+9sa7ESFsv9KuF4=; b=qpQpmVF+yNjmvwe0LNGF/DokFVXisVtNJICJOQbYiJsHltqjZF9fPIlLhZkjWN//Fk aRMhQ5Eial0Kwtr/YpAts1gyxkr8NhyFS3/Sb6wSs8mZNTJKKrEVCusZ/pF899x60WtU GVBz1qow8eW2kVe123m1Hc47RiKWvEB4+jYn+SThkDuO4Kjv3PqU5w7xj6U908Vywesi oEZcLnr9MMxG2ngs13Jx7ZYS/QQcF2HQVb2X5Om1ppF9I8OcUqg897F1A/CnIM7IsOxk zlM2P5pBC26UkZcNGNngNGot44pBU6GCpjUWToBIwniDSZ6BQTCee0parCWRP7Wa//2W j47Q==
X-Gm-Message-State: APf1xPBSH5HaGJ9HK/kHzHi4T2EEww/ew5rekFUqpm8KqIdCnJDGgNvg JXfP6uqQGexBWpgRzu1h1QOcOErFw464youlrkt+LA==
X-Google-Smtp-Source: AH8x226y3Wsp2WVPpnG5nz5YNcHLan1UCs3YM3j8SpApMCpUXlgXlVb1mnhpEdGaYA8eEgg0h0dDLwtvkKyAhfYwmV8=
X-Received: by 10.200.19.77 with SMTP id f13mr8651590qtj.98.1519266941380; Wed, 21 Feb 2018 18:35:41 -0800 (PST)
MIME-Version: 1.0
Received: by 10.237.53.27 with HTTP; Wed, 21 Feb 2018 18:35:41 -0800 (PST)
From: Beth Lee <bethleekor@gmail.com>
Date: Thu, 22 Feb 2018 11:35:41 +0900
Message-ID: <CADawRBY8RMfMBbMS3maef1_q9nADUz6qzM-SvzhWzkn4+Uc-tQ@mail.gmail.com>
To: jose@ietf.org
Content-Type: multipart/alternative; boundary="089e0828f3845c2e000565c3e680"
Archived-At: <https://mailarchive.ietf.org/arch/msg/jose/ymVvRG4jOH9dc2BoeNHCTRGlNPI>
X-Mailman-Approved-At: Thu, 22 Feb 2018 21:13:27 -0800
Subject: [jose] Does JWS signature relate with JWS payload?
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Feb 2018 04:54:42 -0000
Hi. I'm Jin. I have curious about JWS signatrue in JWT. I already read the JWT spec inforation from https://www.rfc-editor.org/rfc/rfc7515.txt But I'm still confusted about JWS signatrue contains or relate with JWS Payload value or not. I knew that JWT contained with 3 part. (JOSE Header, JWS Payload, JWS Signatrue) When I read the spec information. I understood that JWS signature value doesn't contain the JWS payload value. Am I right? Then how can I check data integrity based on JSW signature ? (I guess I'm not right.) I really want to solve my question but I can't reache the answers. So please give me some advice. Best regards, Jin