FYI, the -26 draft has been edited to clarify the issue you raised. See
http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-26#appendix-A.2.2.
Thanks for your feedback,
-- Mike
From: jose [mailto:[email protected]] On Behalf Of Antonio Sanso
Sent: Tuesday, April 01, 2014 11:19 PM
To: [email protected]
Subject: [jose] RSASSA-PKCS-v1_5 SHA-256 validation example
hi *,
IMHO the RSASSA-PKCS-v1_5 SHA-256 validation example n [0] can be a bit better
explained.
Indeed it says
We pass (n, e), JWS Signature, and the JWS Signing Input to
an RSASSA-PKCS-v1_5 signature verifier that has been configured to
use the SHA-256 hash function.
There is no mention on the fact the JWS Signature should be decoded in order to
be verified.
IMHO a bit of more wording around this would not harm.
WDYT?
regards
antonio
[0]
http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-25#appendix-A.2.2
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
