On 09/03/2009, at 10:51 AM, Noah Slater wrote:

> What does canonicalisation have to do with crypto signing procedures?

 From Jen's proposal:

> Moreover, the same JSON object can be represented by different  
> sequences of bytes, since key/value pairs may be rearranged,  
> whitespace added or removed, and different encodings used. It's  
> possible for the byte representation to change in transit, if the  
> document is parsed into a data structure and then re-serialized.  
> This would prevent the recipient from being able to verify the  
> signature. So the signature has to be generated from a canonical  
> representationof the JSON, which we can define as:

Antony Blakey
-------------
CTO, Linkuistics Pty Ltd
Ph: 0438 840 787

The fact that an opinion has been widely held is no evidence whatever  
that it is not utterly absurd.
   -- Bertrand Russell