Ok - let's start with which values you are comparing - ones in the header or the ones in the dot simple encoding. I never said a thing about changing the ones in the dot simple encoding just the ones in the header - such as the SHA-1 hash of a certificate. I doubt that you are going to compare that in an encoded method and if you do then you are going to have a problem if your certificate library want's it base64 encoded rather than base64URL encoded.
I also doubt it makes any difference for the binary values that are parts of keys which way you encode as the library is either going to want binary values or needs to be willing to accept it both ways - after all there is nothing that says a different system is not going to want the same values in a base64 encoded manner (PKCS#8 anybody). What you are saying is perhaps a better argument for saying that you MUST decode and compare the bytes rather than encode and compare the encoded values. After all, two ways of doing the same thing is bad right. Jim > -----Original Message----- > From: Daniel Holth [mailto:[email protected]] > Sent: Tuesday, September 04, 2012 2:16 PM > To: Jim Schaad > Cc: Mike Jones; [email protected] > Subject: Re: [jose] Use of Base64 encoding > > On Tue, Sep 4, 2012 at 5:10 PM, Jim Schaad <[email protected]> wrote: > > I hope that you have a better response than this. If what you say is > > true then we should eliminate a large number of the cryptographic > > algorithms that have been proposed as they provide multiple ways of doing > things. > > > > Do you really believe that the difference in the receiving software is > > going to be that different based on if base64 or base64URL encoding is > > used on a binary value? > > I wrote that bug just last week. Some people will encode and compare the > encoded results, others will decode and compare the bits. _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
