Sent from my iPhone > On Aug 7, 2024, at 8:22 AM, Carsten Bormann <[email protected]> wrote: > > On 2024-08-07, at 15:55, Orie Steele <[email protected]> wrote: >> >> JSON serializations might be better stored in databases, since the base64 >> encoded components can often be stored as binary instead of text... but CBOR >> would be even better. > > It is trivial to define a CBOR-based serialization of the JWP compact form, > replacing the base-64 armor by a CBOR sequence of strings (or arrays of > strings for ~). Having both means that one can have a URL-safe form > (base64url + ./~) and a media-type (CBOR sequence).
Somewhat off topic, but the latest draft is beared toward expressing the serialized parts as either octet strings (each protected header) or arrays of octet strings (payloads, proofs). BASE64URL encoding is a serialization concern and a detail of dropping binary data (like public key data) into JSON. > I didn’t manage to write the document yet, but it’s really trivial (and, > like, three lines of code). > > A true CWP would also get rid of base64 throughout the building of inputs for > the cryptography. The discussion points I anticipate will be whether to make the protected headers JSON or CBOR (more likely, if both should be defined e.g. a compressed JWP serialization as well as a true CWP), and whether to make the serialized form based on an overarching array or map. I’d certainly prefer to have CWP be part of the same effort, rather than replicate the effort in another group. I think we have seen how that leads to having differing capabilities, split attention for reviews and feedback, and multiple registries. -DW _______________________________________________ jose mailing list -- [email protected] To unsubscribe send an email to [email protected]
