Let's say we have created a JWE as such:
headerOne.encryptedKeyOne.initializationVectorOne.ciphertextOne.integritityVectorOne
This is now the payload to a JWS. Rather than increasing the token size by 4/3
by URL safe base 64 encoding the payload (since it is already URL safe), it
would be useful to have a JWS header parameter that indicates the payload was
not re-encoded and does not need to be URL safe base 64 decoded.
As there are more periods than expected in a JWS, decoding would ignore all
periods except the first and last one for separating out the header, payload
and signature.
The indicating parameter would seem to be either "tip" or "cty". I'm still
confused about the difference between the two parameters, so not sure which one
is appropriate.
-- Dick
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
