The current scheme was partially derived from the JSON Serialized JWS.
Single signature:
"signature": {
Complete signature
}
Multiple signatures:
"signatures": [{
Complete signature
}...]
Although working this scheme has limitations wrt to crit
and the proposed excl
extension [1] making an alternative solution worth considering:
Single signature:
"signature": {
Global
Signature specific
}
Multiple signatures:
"signature": {
Global
"multiple": [{
Signature specific
}...]
}
Constraints:
Optional crit
and excl
specifiers MUST be in the Global section only.
Properties specified by crit
MUST be in the Signature specific section(s) only.
Properties specified by excl
MUST be in the Application level only only.
Advantages/features:
- A more logical and stringent
crit
feature
excl
would always refer to the application level object (where it makes sense)
- A Global
alg
would force all signatures to use that
- Analogous to JWE as shown by the following sample using both a shared
alg
and a crit
extension:
{
"aMutiplySignedProperty": "This is it!",
"signature": {
"alg": "ES256",
"crit": ["who"],
"multiple": [{
"who": "Jane Doe",
"val": "ZGJjHfoBPAfk3OC3DSoJwW4Rtkwl-oS--I1h8ogq3oEx8ncJ0R_BOfX9mxlX9K-zW4e1d46CikhNWyi2wKnsKw"
},{
"who": "John Doe",
"val": "LZB2awEHZbK48Zgnm-zLlyLmFMArP2vMvjN_RfUhF72iQPDT4Gee-n8S0kDTdXsZfCs5mCoBU_rFLdS-lddBbS"
}]
}
}
1] The excl
property
Optional array holding the names of one or more properties featured on the same level as the signature
property, that MUST be excluded from the signature process.
Note that the excl
property itself, MUST also be excluded from the signature process.
Property names that are to be excluded from the signature process MUST NOT be duplicated or try to override signature
.
A conforming implementation MUST reject signatures listing properties that are not found as well as empty excl
objects. Verifiers are RECOMMENDED introducing additional constraints like only accepting predefined properties. Sample:
{
"mySignedData": "something",
"myUnsignedData": "something else",
"signature": {
"alg": "ES256",
"jwk": {
"kty": "EC",
"crv": "P-256",
"x": "2zlYOKuQmOswt_xo_XhizgABDn8w2qUlte5ALXYpTWM",
"y": "wcezP2ejoD6hwPrWNYPTPSteTmWKxMR8V04ryixmXLA"
},
"excl": ["myUnsignedData"],
"val": "mjmbl9GjkGFwCgdvnx6zM_X0cYrxFm2EEdJ6s_DB3caiRfIj5hE5F4d_2dNkyE4ZqVrKUUKnE27oN2pW0IVlSw"
}
}
The application for excl
is enabling a party somewhere in the middle acquiring data in a signed object that can be "consumed" and letting the party sent the revised data to yet another party.