[pkix] Release Candidate - JSON Cleartext Signature

Anders Rundgren <anders.rundgren.net@gmail.com> Sun, 28 May 2017 06:06 UTC

From: Anders Rundgren <anders.rundgren.net@gmail.com>
To: "pkix@ietf.org" <pkix@ietf.org>
Message-ID: <5407c048-c484-9cd0-edbf-bebb9fb996d1@gmail.com>
Date: Sun, 28 May 2017 08:06:26 +0200
Archived-At: <https://mailarchive.ietf.org/arch/msg/pkix/QYBj7xXqP_0pGentHO-YsCWelyw>

I have written about this before but here is an update that may be of some interest.

The IETF JOSE WG finished their work on JSON-based cryptographic solutions in 2015.

Although a truly awesome piece of work, the JOSE WG didn't really consider systems based on JSON messaging, which has led to a bunch of external developments having one thing in common: they do not wrap messages in Base64.

Anyway, I have tried (to the best of my ability...) reusing as much as possible of the JOSE stack in a recently upgraded version of JCS (JSON Cleartext Signature): https://cyberphone.github.io/doc/security/jcs.html

JCS combines ES6 (JavaScript version 6) JavaScript/JSON Serialization with JWA (JSON Web Algorithms) and JWK (JSON Web Key).  That is, JCS is firmly based on industry standards, only the "packaging" is special.

I consider the current incarnation as ready.  It already runs on some of the most popular platforms out there including Chrome, Node.js, Android *, Java *.

Anders
https://cyberphone.github.io/doc/security/jsonsignatures.html

* With the help of a free support library
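
The cleartext-signing idea described in the message, as an added example that is not part of the original post and is not the JCS wire format: the message stays readable JSON, the signature covers its ES6 serialization, and the verifier re-serializes before checking. The property names `signature`, `alg`, `jwk` and `value`, the key-pinning check and the sample payment message are assumptions made for illustration.

```javascript
// Added illustration (Node.js 16+). Layout and property names are assumptions.
const crypto = require('crypto');

// Sign the ES6 serialization of the object (string keys keep insertion
// order), then attach the signature value as one more property.
function signCleartext(obj, privateKey, publicKey) {
  const { kty, crv, x, y } = publicKey.export({ format: 'jwk' });
  const signed = { ...obj, signature: { alg: 'ES256', jwk: { kty, crv, x, y } } };
  const data = Buffer.from(JSON.stringify(signed), 'utf8');
  // JWA ES256 uses the fixed-length r||s encoding, not DER.
  const sig = crypto.sign('sha256', data, { key: privateKey, dsaEncoding: 'ieee-p1363' });
  signed.signature.value = sig.toString('base64url');
  return JSON.stringify(signed);
}

// Verify: allow-list the algorithm, pin the embedded key to one the caller
// already trusts, remove the value, re-serialize, and check the signature.
function verifyCleartext(text, trustedJwk) {
  let obj;
  try { obj = JSON.parse(text); } catch (e) { return false; }
  const s = obj && obj.signature;
  if (!s || s.alg !== 'ES256' || typeof s.value !== 'string' || !s.jwk) return false;
  // An embedded key only proves integrity; identity comes from the pin.
  if (!['kty', 'crv', 'x', 'y'].every((k) => s.jwk[k] === trustedJwk[k])) return false;
  const sig = Buffer.from(s.value, 'base64url');
  delete s.value;
  const data = Buffer.from(JSON.stringify(obj), 'utf8');
  const key = crypto.createPublicKey({ key: trustedJwk, format: 'jwk' });
  return crypto.verify('sha256', data, { key, dsaEncoding: 'ieee-p1363' }, sig);
}

function demo() {
  const { privateKey, publicKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const other = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  const trusted = publicKey.export({ format: 'jwk' });
  // Constructed sample message.
  const text = signCleartext({ payee: 'Example Corp', amount: 100 }, privateKey, publicKey);
  return {
    original: verifyCleartext(text, trusted),
    // Whitespace changes survive because the verifier re-serializes.
    reformatted: verifyCleartext(JSON.stringify(JSON.parse(text), null, 2), trusted),
    tampered: verifyCleartext(text.replace('"amount":100', '"amount":900'), trusted),
    wrongKey: verifyCleartext(text, other.publicKey.export({ format: 'jwk' })),
  };
}
```

Unlike a Base64-wrapped JWS payload, the signed message here can be logged, pretty-printed and read in transit without decoding, while any change to a value still invalidates the signature.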