I thought the JOSE specs were intended to create standards for transport of keys, and for sigs, MACs, and encryption of JSON objects.
Actually, the payloads of JWS and JWE objects can be any octet sequence - not just those representing JSON objects. OK, thanks for correcting my mis-characterization. What is the existing software to which you and Tim refer, when referring to keys (vs. JSON parsing in general)? JWK objects are already used in production to distribute public keys. For instance, the keys for Salesforce's identity services are in JWK format at https://login.salesforce.com/id/keys. (Note that I'm not saying that just because the current specs are in use, that no changes are possible.) if not that, what is the point of this comment? The point of the comment was simply to answer your question "What is the existing software to which you and Tim refer...?". Cheers, -- Mike
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
