That works for me.
- m&m Matt Miller - <[email protected]> Cisco Systems, Inc. On Sep 20, 2012, at 09:54, Vladimir Dzhuvinov / NimbusDS wrote: > Hi guys, > > If I understand correctly, the JWS and JWE specs say that the "x5c" > parameter is a JSON string: > > http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-05#section-4.1.6 > > The example: > > http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-05#appendix-B > > > Wouldn't be more sensible to use a JSON array to represent the chain of > X.509 certs? Instead of a string of concatenated B64 data with > "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" > delimiters? > > > My case for using a JSON array: > > 1. A single parse of the header will do the chain as well - saves an > extra non-JSON parse operation to split the x5c into chunks. > > 2. Saves space. > > 3. Makes better use of the existing JSON header structure. > > > I suppose the current format was influenced by how X.509 chains are > typically exported by programs for file transfer/storage. However, in > the case of JWS/JWE, the x5c parameter will be created programmatically > and there a JSON array fits better. > > What do you guys think? > > Cheers, > > Vladimir > > -- > Vladimir Dzhuvinov : www.NimbusDS.com : [email protected] > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose
smime.p7s
Description: S/MIME cryptographic signature
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
