hi *, IMHO the RSASSA-PKCS-v1_5 SHA-256 validation example n [0] can be a bit better explained. Indeed it says
We pass (n, e), JWS Signature, and the JWS Signing Input to an RSASSA-PKCS-v1_5 signature verifier that has been configured to use the SHA-256 hash function. There is no mention on the fact the JWS Signature should be decoded in order to be verified. IMHO a bit of more wording around this would not harm. WDYT? regards antonio [0] http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-25#appendix-A.2.2
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
