[Json] JSON Signatures for Financial Messaging

Anders Rundgren <anders.rundgren.net@gmail.com> Mon, 22 February 2016 04:21 UTC

Return-Path: <anders.rundgren.net@gmail.com>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D23721A1B74 for <json@ietfa.amsl.com>; Sun, 21 Feb 2016 20:21:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id F8UdJKWc1oMx for <json@ietfa.amsl.com>; Sun, 21 Feb 2016 20:21:25 -0800 (PST)
Received: from mail-wm0-x22c.google.com (mail-wm0-x22c.google.com [IPv6:2a00:1450:400c:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F24D91A1A2F for <json@ietf.org>; Sun, 21 Feb 2016 20:21:24 -0800 (PST)
Received: by mail-wm0-x22c.google.com with SMTP id a4so145091820wme.1 for <json@ietf.org>; Sun, 21 Feb 2016 20:21:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:subject:to:message-id:date:user-agent:mime-version :content-type:content-transfer-encoding; bh=4jvTKOpOXQ53Awaz+fsKJNDkb8Oiv4GZNZBySen5a4U=; b=UqTupDH4Qrbh7vI6EQ/K/CyG7yNyqA6FMGFlE9uarcbAKGyAwQRCV38MVP9pm8cpA2 3pTdpQRtvLFc2YixPeb4Do+ou5lAMD7fqkh5aKf4hVugWi/XGqt0XJy8mjBSmHGIlq/d Y58ZSy6H3B8K8uVfeYvwYq1kBWGvq4W13vfae+869ethOPIt8wjtaVr9jHXPmVs0cnpb pzrV1p8g4aVuRoH2RPJw+HOgcw93WV/T3bLlrPbak1VzORA8HyYzYFxGYRaAay8irR6W goDW+CzCfVf5ZZNcBaeSyDv7AuSA5i2QbQkgBKrz4JhjId/Kril9mIdspFQkX9XDEf80 vSiw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:subject:to:message-id:date:user-agent :mime-version:content-type:content-transfer-encoding; bh=4jvTKOpOXQ53Awaz+fsKJNDkb8Oiv4GZNZBySen5a4U=; b=cYlhUNa+winmjvBUkpqDws/GNOU89sGy3G8vSBcCtACu8zxLIelM2gaGHH7B0Ec94J KJr9MvnkYs6PTFMgrgOqzcNR/zLOh5uuGQPwIYkIXo5gl67OGBTRAFzPh/DtYT6iUXSL DTN3xerq9WDMLDt79CF+jFL+mJwCHaSaLci2eJOwkJrw7MPvFycF699KXNW32P67lfd9 AJPUUS/rEtyUoDipZ8FzDS51z3iBUMmDVXj3CJBa76qr8yJ/OMD4TMxpUvaQYu0Ou0mF ePsb7789/yxkcpP4uDJcv30hzPLyZGEh1+oMkfLuEGY7oq46UIKxQgje2F2mb3cJ0Rd0 SkxA==
X-Gm-Message-State: AG10YORAILnbZ9Fu9IU6vtOj51k9o7GZOfb3mSqSdLzBT4nfuyXQYh8ewTuY8yg/hZ0urA==
X-Received: by 10.194.184.234 with SMTP id ex10mr24100951wjc.8.1456114883593; Sun, 21 Feb 2016 20:21:23 -0800 (PST)
Received: from [192.168.1.79] (9.197.130.77.rev.sfr.net. [77.130.197.9]) by smtp.googlemail.com with ESMTPSA id 74sm19203571wmn.17.2016.02.21.20.21.22 for <json@ietf.org> (version=TLSv1/SSLv3 cipher=OTHER); Sun, 21 Feb 2016 20:21:22 -0800 (PST)
From: Anders Rundgren <anders.rundgren.net@gmail.com>
To: "json@ietf.org" <json@ietf.org>
Message-ID: <56CA8CB3.2050602@gmail.com>
Date: Mon, 22 Feb 2016 05:21:07 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 7bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/json/0RnpGECt1X1dXzxBuuE2FetaBC4>
Subject: [Json] JSON Signatures for Financial Messaging
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/json/>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Feb 2016 04:21:27 -0000

A minute whitepaper.

https://cyberphone.github.io/openkeystore/resources/docs/jsonsignatures.html

JSON tools will (hopefully) be upgraded to accommodate this mode of operation:
http://bugs.java.com/bugdatabase/view_bug.do?bug_id=8149075
https://github.com/cyberphone/jsondotnet
https://github.com/golang/go/issues/14135#issuecomment-177265555
https://bugs.php.net/bug.php?id=71473
https://github.com/simplejson/simplejson/issues/133#issuecomment-177272525
https://github.com/Microsoft/ChakraCore/issues/149

Rationale:
If you specify/declare/parse properties A,B,C it is not particularly logical if they are serialized as C,B,A.

The update allows you to create "Crypto Safe" (hashable) JSON objects.  This is a new JSON feature.

Anders