Before dismissing Canonical JSON, you may take it for spin at: https://mobilepki.org/jws-jcs/home
This particular signature variant is 100% JWS compatible. Although enveloped signatures may be "out of fashion", I find them quite practical since they don't interfere with the message structure. An example: In the IETF TEEP work (building on JOSE), the designers were forced adding an unsigned outer JSON layer in order to get a reasonable system. The idea is not replacing JOSE, only creating a viable alternative for folks who don't want to shroud their precious JSON data in Base64Url! Thanks, Anders _______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
