Hi guys, If I understand correctly, the JWS and JWE specs say that the "x5c" parameter is a JSON string:
http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-05#section-4.1.6 The example: http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-05#appendix-B Wouldn't be more sensible to use a JSON array to represent the chain of X.509 certs? Instead of a string of concatenated B64 data with "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" delimiters? My case for using a JSON array: 1. A single parse of the header will do the chain as well - saves an extra non-JSON parse operation to split the x5c into chunks. 2. Saves space. 3. Makes better use of the existing JSON header structure. I suppose the current format was influenced by how X.509 chains are typically exported by programs for file transfer/storage. However, in the case of JWS/JWE, the x5c parameter will be created programmatically and there a JSON array fits better. What do you guys think? Cheers, Vladimir -- Vladimir Dzhuvinov : www.NimbusDS.com : [email protected] _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
