No Base String

From IIW

Issue/Topic: No Base String

Session: Tuesday 2I

Conference: IIW-11 November 2-4, Mountain View, Complete Notes Page

Convener: Paul Tarjan

Notes-taker(s): Paul Tarjan

Tags:

Discussion notes:

"No Base Strings - Signing JSON"

Examples:

=== ENVELOPE base64url(sig) . base64url({ "algorithm": "RSA256", "payload": base64url({"a":"b"}) })


=== POSTCARD base64url(sig) . base64url({ "algorithm": "AES256 RSA256", }) . base64url(encrypt({"a":"b"}))


==== MULTISIG POSTCARD

base64url(["base64(sigj)","base64(sig)"]) . base64url({ "algorithm": "HMAC256 HMAC256", "iv": "1244" }) . base64url(encrypt({"a":"b"}))


=== JSON ENVELOPE

base64url({ "signature":base64url(sig), "envelope": base64url({ "algorithm": "RSA256", }) "payload": base64url({"a":"b"}) })

=== Votes Envelope is required? (required won) Postcard vs Envelope (postcard won) Dots vs JSON as the outer (dots won) Algorithm encodes profile (shove everything in the algo. Algorithm defines keys in envelope).

Retrieved from "https://iiw.idcommons.net/index.php?title=No_Base_String&oldid=3580"