couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Noah Slater <nsla...@apache.org>
Subject Re: Proposal for digital signatures of documents
Date Mon, 09 Mar 2009 00:33:01 GMT
On Mon, Mar 09, 2009 at 10:58:02AM +1030, Antony Blakey wrote:
>
> On 09/03/2009, at 10:51 AM, Noah Slater wrote:
>
>> What does canonicalisation have to do with crypto signing procedures?
>
> From Jen's proposal:
>
>> Moreover, the same JSON object can be represented by different
>> sequences of bytes, since key/value pairs may be rearranged,
>> whitespace added or removed, and different encodings used. It's
>> possible for the byte representation to change in transit, if the
>> document is parsed into a data structure and then re-serialized. This
>> would prevent the recipient from being able to verify the signature. So
>> the signature has to be generated from a canonical representationof the
>> JSON, which we can define as:

Oh right, I'm not sure I see the immediate use case for this then.

Canonicalisation is a tough nut to crack, I would avoid it if possible.

Where's the harm in singing specific serialisations?

-- 
Noah Slater, http://tumbolia.org/nslater

Mime
View raw message