couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antony Blakey <>
Subject Re: Proposal for digital signatures of documents
Date Mon, 09 Mar 2009 00:28:02 GMT

On 09/03/2009, at 10:51 AM, Noah Slater wrote:

> What does canonicalisation have to do with crypto signing procedures?

 From Jen's proposal:

> Moreover, the same JSON object can be represented by different  
> sequences of bytes, since key/value pairs may be rearranged,  
> whitespace added or removed, and different encodings used. It's  
> possible for the byte representation to change in transit, if the  
> document is parsed into a data structure and then re-serialized.  
> This would prevent the recipient from being able to verify the  
> signature. So the signature has to be generated from a canonical  
> representationof the JSON, which we can define as:

Antony Blakey
CTO, Linkuistics Pty Ltd
Ph: 0438 840 787

The fact that an opinion has been widely held is no evidence whatever  
that it is not utterly absurd.
   -- Bertrand Russell

View raw message