Hi Uri, On 6/10/16 5:48 PM, Blumenthal, Uri - 0553 - MITLL wrote: > Canonicalization is the way to avoid file content being mangled or > represented differently by different (software) entities that try to create > or verify digital signature over it. It doesn't matter if your file is binary > or not. And CMS by itself won't save you either. This problem (ensuring > there is only one way to represent the contents of the file in question) is > what you need to show that you solved.
I totally get it. From a MIME perspective it'll be something like application/mud+json, encoded in UTF-8, and transported accordingly (HTTPS is 8-bit clean). This is not going to be our problem. Eliot
signature.asc
Description: OpenPGP digital signature
_______________________________________________ OPSAWG mailing list OPSAWG@ietf.org https://www.ietf.org/mailman/listinfo/opsawg
