I am OK with that being an array. The concatenated PEM has always seemed nasty convention to me.
John B. On 2012-09-20, at 3:45 PM, Mike Jones <[email protected]> wrote: > This seems like a reasonable change to me and the rationale stated below > makes sense. What do others think? > > -- Mike > > -----Original Message----- > From: [email protected] [mailto:[email protected]] On Behalf Of > Vladimir Dzhuvinov / NimbusDS > Sent: Thursday, September 20, 2012 8:54 AM > To: [email protected] > Subject: [jose] Use JSON array for JWS/JWE x5c parameter? > > Hi guys, > > If I understand correctly, the JWS and JWE specs say that the "x5c" > parameter is a JSON string: > > http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-05#section-4.1.6 > > The example: > > http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-05#appendix-B > > > Wouldn't be more sensible to use a JSON array to represent the chain of > X.509 certs? Instead of a string of concatenated B64 data with "-----BEGIN > CERTIFICATE-----" and "-----END CERTIFICATE-----" > delimiters? > > > My case for using a JSON array: > > 1. A single parse of the header will do the chain as well - saves an extra > non-JSON parse operation to split the x5c into chunks. > > 2. Saves space. > > 3. Makes better use of the existing JSON header structure. > > > I suppose the current format was influenced by how X.509 chains are typically > exported by programs for file transfer/storage. However, in the case of > JWS/JWE, the x5c parameter will be created programmatically and there a JSON > array fits better. > > What do you guys think? > > Cheers, > > Vladimir > > -- > Vladimir Dzhuvinov : www.NimbusDS.com : [email protected] > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose > > > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
