Closed jricher closed 4 months ago
@selfissued I'm fine with changing the values here, but the question is more what the appropriate containment is at the protocol level. I don't believe the signaling you are referring to works in this case. There are two JOSE-based mechanisms defined by GNAP, one uses JWS as the message payload, effectively replacing the JSON with its own type -- that's the "Attached JWS" payload. The other keeps the payload as-is (JSON) but uses JWS to create a detached signature. The payload of the JWS then becomes a hash of the content instead of the content itself. Within GNAP these are signaled by separate field values, but shouldn't they be separate typ
values as well, as per the best practice RFCs?
If we remove +jwsd
as a suffix, would you then recommend that the distinction move to the root types instead? If we go that route, I think we would probably just remove the subtypes entirely. So instead of gnap-binding+jwsd
we'd have gnap-binding-jwsd
, instead of gnap-binding+jws
we'd have gnap-binding-jws
. Would that address your concerns?
Your suggestion above not using structured suffixes would be fine. Or use something like gnap-normal-binding+jws
and gnap-detached-binding+jws
(feel free to pick more appropriate names), if you need to make the distinction at the Content-Type level, rather than after you have the content, if you still want the media type to indicate that the content is a JWS using the Compact Serialization. Your call.
The core of my review is to not create a separate jwsd
media type and structured suffix.
Oh, and to be clear in the registration text that +jws
is about the Compact Serialization.
✅ Deploy Preview for gnap-core-protocol-editors-draft ready!
Toggle QR Code...
Use your smartphone camera to open QR code link.
To edit notification comments on pull requests, go to your Netlify site configuration.