Suppose an application wanted to carry a signature over an HTTP entity body
in a header:
-----BEGIN-Example-----
HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 5
Content-Signature: { "unprotected": { "alg": "RS256", "jku": "
http://example.com/key"; }, "signature": "..." }
fnord
-----END-Example-----
Note that the content of the "Content-Signature" header is the same thing
that would go in an element of the "signatures" array. So the application
would simply specify that a recipient should reconstruct a full JWS-JSON
from the following template:
{
"payload": base64($ENTITY_BODY),
"recipients": [$CONTENT_SIGNATURE]
}
That's what I meant when I said the revised JWS-JSON layout makes detached
signature trivial :)
--Richard
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
