Return-Path: Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: (qmail 67290 invoked from network); 9 Mar 2009 00:28:36 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 9 Mar 2009 00:28:36 -0000 Received: (qmail 3091 invoked by uid 500); 9 Mar 2009 00:28:35 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 3055 invoked by uid 500); 9 Mar 2009 00:28:35 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 3044 invoked by uid 99); 9 Mar 2009 00:28:35 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 08 Mar 2009 17:28:35 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of antony.blakey@gmail.com designates 209.85.200.171 as permitted sender) Received: from [209.85.200.171] (HELO wf-out-1314.google.com) (209.85.200.171) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 09 Mar 2009 00:28:27 +0000 Received: by wf-out-1314.google.com with SMTP id 28so1547041wff.29 for ; Sun, 08 Mar 2009 17:28:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:from:to :in-reply-to:content-type:content-transfer-encoding:mime-version :subject:date:references:x-mailer; bh=jsYvnykT+hzW9W04YbMXhIJuWZtGr4os1DLRfwN34Lc=; b=x5VWCV13dAEXSQEThXbv0Uc8cUalqY24Os+zOQ5Wof5fsjmjPMJWtOM2wMmxbu3Pf9 rbZ/pY9TvgTgwW68FOaXwpnMxbsqvws1zeXNP+LKai5dC1OACN+UH7WpBJallv1mxCCm IF/GzYCl34ZmpuQsV7h8VX//lbSv+oIZqOp6Y= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:from:to:in-reply-to:content-type :content-transfer-encoding:mime-version:subject:date:references :x-mailer; b=Ckxga4lB0XY2T0RLz2iGYuDkl83oLacPwx+hF6i5lt5mn1nFSy6fYuE2OT1p1Wi6Cb fhaIxGkANi3KktPaih6oh9wr5RTiolXEk7LkS5Pv63Cw2+zPafZdzVHlZdU9aqh8KvVO V2vD/IHNU6ThBgawrm4mMeEt8wifVvlpN2q6k= Received: by 10.142.90.16 with SMTP id n16mr2255414wfb.314.1236558486800; Sun, 08 Mar 2009 17:28:06 -0700 (PDT) Received: from ?192.168.0.17? (ppp121-45-108-71.lns10.adl6.internode.on.net [121.45.108.71]) by mx.google.com with ESMTPS id 32sm7462850wfc.29.2009.03.08.17.28.05 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sun, 08 Mar 2009 17:28:06 -0700 (PDT) Message-Id: <55679AE8-0200-40B9-AC7D-0249E4FECC3B@gmail.com> From: Antony Blakey To: user@couchdb.apache.org In-Reply-To: <20090309002113.GD361@tumbolia.org> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v930.3) Subject: Re: Proposal for digital signatures of documents Date: Mon, 9 Mar 2009 10:58:02 +1030 References: <283A6EDD-6701-4A6A-88AE-8B97E6D11D9E@mooseyard.com> <20090309002113.GD361@tumbolia.org> X-Mailer: Apple Mail (2.930.3) X-Virus-Checked: Checked by ClamAV on apache.org On 09/03/2009, at 10:51 AM, Noah Slater wrote: > What does canonicalisation have to do with crypto signing procedures? From Jen's proposal: > Moreover, the same JSON object can be represented by different > sequences of bytes, since key/value pairs may be rearranged, > whitespace added or removed, and different encodings used. It's > possible for the byte representation to change in transit, if the > document is parsed into a data structure and then re-serialized. > This would prevent the recipient from being able to verify the > signature. So the signature has to be generated from a canonical > representationof the JSON, which we can define as: Antony Blakey ------------- CTO, Linkuistics Pty Ltd Ph: 0438 840 787 The fact that an opinion has been widely held is no evidence whatever that it is not utterly absurd. -- Bertrand Russell