No, not really. I was just looking to validate my own implementation and using (abusing) these lists seemed like a decent way to do it.
I mean, from a developer's perspective, I find examples that can be used to validate implementation to be extremely useful. But, at this point, RFC 7638 is probably just fine as it is. On Tue, Sep 22, 2015 at 1:45 PM, Jim Schaad <[email protected]> wrote: > Brian, > > > > Are you thinking that the set of examples should be expanded? > > > > Jim > > > > > > *From:* jose [mailto:[email protected]] *On Behalf Of *Brian Campbell > *Sent:* Tuesday, September 22, 2015 10:47 AM > *To:* Manger, James <[email protected]> > *Cc:* <[email protected]> <[email protected]>; > [email protected] > *Subject:* Re: [jose] [Openid-specs-ab] JWK Thumbprint / RFC 7638 > > > > Thanks James. That's still useful validation. > > For whatever it's worth, shortly after I sent the message yesterday I > noticed the nimbus library announced support for JWK thumbprints. So I > compared some results with that implementation. Nimbus had a small defect > calculating thumbprints for "oct" key types but, once that was fixed, also > produced the same results. So I'm reasonably confident these examples are > correct. > > > > > > On Mon, Sep 21, 2015 at 6:09 PM, Manger, James < > [email protected]> wrote: > > I got the same results, Brian — though using some manual tools, not a > proper library. > > > > -- > > James Manger > > > > *From:* Openid-specs-ab [mailto:[email protected]] *On > Behalf Of *Brian Campbell > *Sent:* Tuesday, 22 September 2015 1:43 AM > *To:* [email protected]; <[email protected]> > *Subject:* [Openid-specs-ab] JWK Thumbprint / RFC 7638 > > > > I added JWK Thumbprint support to my JOSE/JWT library > <https://bitbucket.org/b_c/jose4j> this morning. Does anyone else have an > implementation handy? > > The example in section 3.1 > <http://tools.ietf.org/html/rfc7638#section-3.1> provided a nice > opportunity to check my work with an "RSA" key type. However, there are no > examples for "EC" or "oct" keys. While it should be pretty straightforward > to implement, for me anyway, dumb little mistakes are certainly within the > realm of possibility. So, if anyone would like to check their work against > mine, a few JWKs followed by the base64url encoded SHA-256 hash of the RFC > 7638 thumbprint are below. I'd be interested to hear if folks can > (hopefully) reproduce the same results. > > > {"kty":"oct", > "k":"ZW8Eg8TiwoT2YamLJfC2leYpLgLmUAh_PcMHqRzBnMg"} > 7WWD36NF4WCpPaYtK47mM4o0a5CCeOt01JXSuMayv5g > > > {"kty":"EC", > "x":"CEuRLUISufhcjrj-32N0Bvl3KPMiHH9iSw4ohN9jxrA", > "y":"EldWz_iXSK3l_S7n4w_t3baxos7o9yqX0IjzG959vHc", > "crv":"P-256"} > j4UYwo9wrtllSHaoLDJNh7MhVCL8t0t8cGPPzChpYDs > > > {"kty":"EC", > > > "x":"Aeq3uMrb3iCQEt0PzSeZMmrmYhsKP5DM1oMP6LQzTFQY9-F3Ab45xiK4AJxltXEI-87g3gRwId88hTyHgq180JDt", > > > "y":"ARA0lIlrZMEzaXyXE4hjEkc50y_JON3qL7HSae9VuWpOv_2kit8p3pyJBiRb468_U5ztLT7FvDvtimyS42trhDTu", > "crv":"P-521"} > rz4Ohmpxg-UOWIWqWKHlOe0bHSjNUFlHW5vwG_M7qYg > > > {"kty":"EC", > "x":"2jCG5DmKUql9YPn7F2C-0ljWEbj8O8-vn5Ih1k7Wzb-y3NpBLiG1BiRa392b1kcQ", > "y":"7Ragi9rT-5tSzaMbJlH_EIJl6rNFfj4V4RyFM5U2z4j1hesX5JXa8dWOsE-5wPIl", > "crv":"P-384"} > vZtaWIw-zw95JNzzURg1YB7mWNLlm44YZDZzhrPNetM > > > {"kty":"oct","k":"NGbwp1rC4n85A1SaNxoHow"} > 5_qb56G0OJDw-lb5mkDaWS4MwuY0fatkn9LkNqUHqMk > > >
_______________________________________________ jose mailing list [email protected] https://www.ietf.org/mailman/listinfo/jose
