consumer-reports-innovation-lab / data-rights-protocol

The technical standard for exchanging data rights requests
https://datarightsprotocol.org
Apache License 2.0

0.7 libsodium swapover #62

Closed rrix closed 1 year ago

rrix commented 1 year ago

Protocol Changes from 0.6 to 0.7:

kevinr commented 1 year ago

You know I think that would be fine :)

-- Kevin Riggle he/him • San Francisco, CA, USA • Pacific Time https://complexsystems.group https://free-dissociation.com

On Feb 13, 2023, at 12:21 PM, Ryan Rix @.***> wrote:

@rrix commented on this pull request.

In data-rights-protocol.md https://github.com/consumer-reports-digital-lab/data-rights-protocol/pull/62#discussion_r1104977362:

-Keys can be generated in a number of fashions: -- C implementation of JOSE can generate JWKs: jose jwk gen -i '{"alg":"RS256"}' -o rsa.jwk && jose jwk pub -i rsa.jwk -o rsa.pub.jwk -- MITRE's json-web-key-generator will generate the key from scratch -- pem2jwk will accept an existing PEM-encoded key and convert it to JWK -- jwkcreator web site MAY be used to convert PEM keys to JWKs which will not be used to exchange 3rd party identity and rights -- mkjwk.org web site MAY be used to generate JWKs which will not be used to exchange 3rd party identity and rights. +We provide in OSIRAA an example generating keys and signing +requests +using the PyNaCl implementation, as well as a Django request +handler +which does cryptographic verification of the requests (without the full semantic validation chain presented above). do you think we should just elide this entirely until the service directory and validation logic in OSIRAA are in place then?
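
Review bot: The added sentence at the end of the hunk points readers to OSIRAA for key generation and request signing but gives no link or path, and it replaces the entire list of key-generation options, so the spec text itself no longer tells an implementer how to produce a usable key. Suggest linking the specific OSIRAA example and stating in the document what kind of key and encoding an implementer is expected to generate. The parenthetical "without the full semantic validation chain presented above" should also be promoted to an explicit statement that the Django handler's cryptographic verification alone is not enough to accept a request, so the handler is not copied as a complete validator.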


rrix commented 1 year ago

> You know I think that would be fine :)

did so in e24425065d43653c662dc0deb2db59629b5b8dc0