Yes that conflicts with the correct definition of x5c in JWK.
John B. > On Jan 13, 2015, at 6:15 PM, Mike Jones <[email protected]> wrote: > > Then we also need to delete this sentence in > http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-39#appendix-B > <http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-39#appendix-B>, > since it’s incorrect: > > Note that since these strings contain > base64 encoded (not base64url encoded) values, they are allowed to > contain white space and line breaks. > > Thanks for the last-minute catch! > > -- Mike > > From: John Bradley [mailto:[email protected]] > Sent: Tuesday, January 13, 2015 11:50 AM > To: Mike Jones > Cc: Anders Rundgren; [email protected] > Subject: Re: [jose] "x5c" - JSON Compatible? > > Mike, > > According to [RFC4648] Section 4 > <https://tools.ietf.org/html/rfc4648#section-4> whitespace are not valid > base64 encoding characters. > > Older PEM specifications required breaking up into lines of 64 characters. > Most base64 decoders ignore whitespace to be backwards compatible, but that > doesn't make whitespace valid to produce. > > Some software like openSSL will need the strings "-----BEGIN > CERTIFICATE-----" and "-----END CERTIFICATE-----" appended and line breaks > added for import. > > I don't see the text about including line breaks in the current draft 39 Sec > 4.7. of JWK. > > I think the only thing required is the note about line breaks within values > being for display only is all that is needed. > > So no whitespace in the value and applications add it if required for > importing as a PEM encoded cert. > > John B. > > > > On Jan 13, 2015, at 3:33 PM, Mike Jones <[email protected] > <mailto:[email protected]>> wrote:[RFC4648] Section 4 > <https://tools.ietf.org/html/rfc4648#section-4> > > We should add the standard disclaimer “(with line breaks within values for > display purposes only)” to the description of the example. > > -- Mike > > From: jose [mailto:[email protected] <mailto:[email protected]>] On > Behalf Of Mark Watson > Sent: Tuesday, January 13, 2015 8:53 AM > To: Anders Rundgren > Cc: Richard Barnes; [email protected] <mailto:[email protected]> > Subject: Re: [jose] "x5c" - JSON Compatible? > > > > On Tue, Jan 13, 2015 at 4:13 AM, Anders Rundgren > <[email protected] <mailto:[email protected]>> wrote: > On 2015-01-13 12:35, Richard Barnes wrote: > > > On Tuesday, January 13, 2015, Anders Rundgren <[email protected] > <mailto:[email protected]> <mailto:[email protected] > <mailto:[email protected]>>> wrote: > > The spec claims the following: > > "Note that since these strings contain base64 encoded > (not base64url encoded) values, they are allowed to contain > white space and line breaks." > > Is this really JSON compliant? > > I didn't interpret the JSON spec in that way and Python and Chrome seems > to agree with me. > > What's I'm missing here? > > > Are you seriously suggesting that JSON strings can't contain white space? > > Control characters have to be escaped, but they can definitely be there. > > JSON.parse('["this is...\\u000A...a string"]') > > Sure, but the example in appendix B wouldn't parse. > Shouldn't a proper text say that possible line-breaks MUST be properly > escaped. > > Line breaks in JSON do have to be escaped, either as above or with \r \n. > This is clear at www.json.org <http://www.json.org/>. > > …Mark > > > > Anders > > > --Richard > > > Cheers > Anders > > _________________________________________________ > jose mailing list > [email protected] <mailto:[email protected]> > https://www.ietf.org/mailman/__listinfo/jose > <https://www.ietf.org/mailman/__listinfo/jose> > <https://www.ietf.org/mailman/listinfo/jose > <https://www.ietf.org/mailman/listinfo/jose>> > > > _______________________________________________ > jose mailing list > [email protected] <mailto:[email protected]> > https://www.ietf.org/mailman/listinfo/jose > <https://www.ietf.org/mailman/listinfo/jose> > > _______________________________________________ > jose mailing list > [email protected] <mailto:[email protected]> > https://www.ietf.org/mailman/listinfo/jose > <https://www.ietf.org/mailman/listinfo/jose>
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
