FYI, this note had previously been sent to the JOSE interim working group 
meeting participants.  It discusses the correspondences between the agreed-upon 
JSON Serialization and Compact Serialization formats and how to transform one 
into the other.

                                                            -- Mike

From: Mike Jones
Sent: Wednesday, May 01, 2013 12:37 PM
To: Jim Schaad; John Bradley; Richard Barnes
Cc: Pete Resnick; Sean Turner; Matt Miller; Joe Hildebrand; Peter Saint-Andre; 
Brian Campbell; Karen O'Donoghue; Eric Rescorla; Hannes Tschofenig
Subject: RE: Draft write-up of discussion on JSON Serialization with some 
non-protected fields

A transformation from JWS and JWE objects using the compact serializations to 
ones using the JSON Serialization is always possible as a simple syntactic 
transformation.  The transformation from the compact JWS "hdr.msg.sig" into a 
JSON-serialized JWS is:

  {"protected":"hdr",
   "signatures":[{"signature":"sig"}],
   "payload":"msg"
  }

The transformation from the compact JWE "hdr.ekey.iv.ct.tag" into a 
JSON-serialized JWE is:

  {"protected":"hdr",
   "recipients":[{"encrypted_key":"ekey"}],
   "initialization_vector":"iv",
   "ciphertext":"ct",
   "authentication_tag":"tag"
  }

Transformations from JSON Serializations for single recipients into the Compact 
Serializations are always possible.  When the "header" fields (containing 
unprotected header parameter values) aren't used, the transformation is purely 
syntactic - being the inverse of those above.

When "header" fields are used, the contents of their JSON objects are merged 
into the "protected" header object contents, with the resulting merged header 
contents being used as the header for the compact serializations.  For 
instance, this JWE:

  {"protected":"base64url("{"enc":"A128GCM"}")",
   "header":{"kid":"3"},
   "recipients":[
    {"header":{"alg":"A128KW"},
     "encrypted_key":"ekey"}],
   "initialization_vector":"iv",
   "ciphertext":"ct",
   "authentication_tag":"tag"
  }

Would use this header value in the compact serialization:

  base64url("{"enc":"A128GCM","kid":"3","alg":"A128KW"}")

The rest of the JSON serialization -> compact serialization is purely 
syntactic, and as above.

By design, a transformation from a multi-recipient JWE or multi-signature JWS 
to the compact serializations is not possible.

                                                            -- Mike
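
The transformation rules in the message above, as an added Python example (not part of the original thread and not code from the JOSE drafts). The function names are hypothetical, rejecting a header parameter name that appears in more than one header object is an assumption the message does not address, and the sample object is constructed from the message's own JWE example.

```python
import base64
import json

def b64url(data: bytes) -> str:
    """base64url without padding, as used by JOSE."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def jwe_compact_to_json(compact: str) -> dict:
    """Purely syntactic: hdr.ekey.iv.ct.tag -> JSON Serialization."""
    parts = compact.split(".")
    if len(parts) != 5:
        raise ValueError("compact JWE must have exactly five segments")
    hdr, ekey, iv, ct, tag = parts
    return {"protected": hdr,
            "recipients": [{"encrypted_key": ekey}],
            "initialization_vector": iv,
            "ciphertext": ct,
            "authentication_tag": tag}

def jwe_json_to_compact(jwe: dict) -> str:
    """Single-recipient JSON Serialization -> compact, merging "header" fields."""
    recipients = jwe.get("recipients", [])
    if len(recipients) != 1:
        raise ValueError("only a single-recipient JWE has a compact form")
    rcpt = recipients[0]
    unprotected = [h for h in (jwe.get("header"), rcpt.get("header")) if h]
    if not unprotected:
        hdr = jwe["protected"]          # inverse of the syntactic transform
    else:
        merged = json.loads(b64url_decode(jwe["protected"]))
        for extra in unprotected:
            for name, value in extra.items():
                if name in merged:      # assumption: reject duplicate names
                    raise ValueError(f"header parameter {name!r} appears twice")
                merged[name] = value
        hdr = b64url(json.dumps(merged, separators=(",", ":")).encode("utf-8"))
    return ".".join([hdr, rcpt["encrypted_key"], jwe["initialization_vector"],
                     jwe["ciphertext"], jwe["authentication_tag"]])

# Constructed sample: the JWE from the message above, placeholders kept as-is.
SAMPLE = {"protected": b64url(b'{"enc":"A128GCM"}'), "header": {"kid": "3"},
          "recipients": [{"header": {"alg": "A128KW"}, "encrypted_key": "ekey"}],
          "initialization_vector": "iv", "ciphertext": "ct",
          "authentication_tag": "tag"}
```

The merged header is a different byte string from the original "protected" value, so in any scheme where the signature or authentication tag is computed over the encoded protected header, re-serializing this way does not carry the integrity protection across. The function shows only the header merge described in the message.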

From: Mike Jones
Sent: Wednesday, May 01, 2013 10:54 AM
To: John Bradley; Richard Barnes
Cc: Jim Schaad; Pete Resnick; Sean Turner; Matt Miller; Joe Hildebrand; Peter 
Saint-Andre; Brian Campbell; Karen O'Donoghue; Eric Rescorla; Hannes Tschofenig
Subject: RE: Draft write-up of discussion on JSON Serialization with some 
non-protected fields

Yes, that was the agreement.  I can write up the transformation rules once my 
flight has finished de-icing and is under way.

-- Mike
________________________________
From: John Bradley
Sent: 5/1/2013 11:50 AM
To: Richard Barnes
Cc: Jim Schaad; Mike Jones; Pete Resnick; Sean Turner; Matt Miller; Joe 
Hildebrand; Peter Saint-Andre; Brian Campbell; Karen O'Donoghue; Eric Rescorla; 
Hannes Tschofenig
Subject: Re: Draft write-up of discussion on JSON Serialization with some 
non-protected fields

For compact, I thought we agreed to put all the headers in the authenticated 
header segment and only send that.

Are you referring to having to merge the protected and unprotected headers?

John

Sent from my iPhone

On 2013-05-01, at 9:14 AM, Richard Barnes <[email protected]> wrote:
I started working on this last night.  It's not completely trivial, but it can 
be done.  I'll try to write it up on the plane on the way home.

On Wed, May 1, 2013 at 10:42 AM, Jim Schaad <[email protected]> wrote:
If you have a single recipient with protected data, I would like to see an 
example of this combined with the transformation logic to the compact case.

Can either of you provide this?

Jim
[SNIP]

_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
