In my opinion we can create a good canonicalization format for JSON to be used to sign cleartext JSON.
As can be seen on this list many are skeptical so my approach would be to publish easy to use open source implementations. If we do that and there is real interest then we might be able to convince people here about the need. In line with this ambition I have done the JS and Java publications. This might also show there is no actual interest and then that is also an outcome. Best regards //Samuel On Mon, Oct 22, 2018 at 8:44 AM Carsten Bormann <[email protected]> wrote: > On Oct 22, 2018, at 04:47, David Waite <[email protected]> > wrote: > > > > intermittent interoperability failures until a new language runtime > release which revises the numerical print and parse functions > > Note that this is not a theoretical concern, as CVE-2010-4476 and > CVE-2010-4645 amply demonstrate, nicely underscored by the re-occurrence of > the latter in > https://www.exploringbinary.com/php-converts-2-2250738585072012e-308-incorrectly/ > > Grüße, Carsten > > _______________________________________________ > jose mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/jose >
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
