Re: [jose] X.590 for digitally signing JSON data is published

Thu, 21 Dec 2023 12:36:50 -0800 

Thanks for the pointer, Bret.

Skimming this, I notice that it relies on JSON canonicalization.

I also see that it uses JOSE algorithms.

What else should the JOSE working group take away from this?

                                                       -- Mike

From: jose <[email protected]> On Behalf Of Bret Jordan
Sent: Thursday, December 21, 2023 11:37 AM
To: [email protected]
Subject: [jose] X.590 for digitally signing JSON data is published

http://www.itu.int/rec/T-REC-X.590-202310-I/en

This specification enables the following core features:

1. Signatures can be added to the JSON data without needing to base64 encode 
the JSON data or convert it to CBOR. Meaning, you can still view and process 
the signed JSON data without destroying the signature or having to change it to 
some other serialization

2. Multiple independent organizations can digitally sign the same JSON data, a 
critical feature for attestation

3. Signatures can be added after the fact, this enables sharing communities to 
also digitally sign the JSON data to show that they have independently verified 
it and thus increasing the trust in the data

4. Signatures can be detached from the original JSON data and shared 
separately, if needed due to data marking requirements

5. Individual signatures can be countersigned as many times as needed, a 
critical features for contracts

6. Signatures can be verified hours, days, weeks, months, or years later, which 
is important for auditing and verification

7. Signatures remain valid even when going through an intermediary processing 
organization like an ISAC or ISAO

8. It supports quantum safe digital signature algorithms

9. Enables signing of SBOMs and HBOMs

10. Support cti / threat intelligence / stix and CACAO playbook sharing from 
the various ISACs and ISAOs


Some of the initial main uses cases for JSS X.590 are

* Financial transactions
* Real Estate transactions
* Legal contracts
* Threat intelligence sharing
* SBOMs and HBOMs
* Account and identity verification

Bret

_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose

Reply via email to