Skip to content

Commit 3326187

Browse files
MarkLodatoMarkLodato
committed
Clarify out-of-band negotation.
Clarify that the signer and verifier should agree on payloadType and whether backwards compatibility should be supported.
1 parent 6918d40 commit 3326187

File tree

1 file changed

+7
-0
lines changed

1 file changed

+7
-0
lines changed

specification.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -77,6 +77,11 @@ where:
7777
7878
### Steps
7979
80+
Out of band:
81+
82+
- Agree on a PAYLOAD_TYPE and cryptographic details.
83+
- Decide if [backwards compatible signature] mode should be allowed.
84+
8085
To sign:
8186
8287
- Serialize BODY according to PAYLOAD_TYPE. Call the result SERIALIZED_BODY.
@@ -91,6 +96,7 @@ To verify:
9196
fails.
9297
- Base64-decode `sig` and verify PAE(UTF8(PAYLOAD_TYPE), SERIALIZED_BODY).
9398
Reject if either the decoding or the signature verification fails.
99+
- Reject if PAYLOAD_TYPE is not a supported type.
94100
- Parse SERIALIZED_BODY according to PAYLOAD_TYPE. Reject if the parsing
95101
fails.
96102
@@ -356,6 +362,7 @@ Signed wrapper:
356362
- [JWS]
357363
- [PASETO]
358364

365+
[backwards compatible signature]: #backwards-compatible-signatures
359366
[Canonical JSON]: http://wiki.laptop.org/go/Canonical_JSON
360367
[JWS]: https://tools.ietf.org/html/rfc7515
361368
[PASETO]: https://github.com/paragonie/paseto/blob/master/docs/01-Protocol-Versions/Version2.md#sig

0 commit comments

Comments
 (0)