[jose] Re: [Technical Errata Reported] RFC7515 (8430)

Wed, 28 May 2025 14:10:25 -0700 

I am not sure what the reporter means

dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk decodes perfectly fine via
base64 *URL* decoding, it just requires adding "==" at end for padding
as explained in Appendix C.

>>> array("B", 
>>> base64.urlsafe_b64decode("dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk=="))
array('B', [116, 24, 223, 180, 151, 153, 224, 37, 79, 250, 96, 125, 216, 173, 
187, 186, 22, 212, 37, 77, 105, 214, 191, 240, 91, 88, 5, 88, 83, 132, 141, 
121])

and yields the same array that is reported in the RFC.


On Sun, 2025-05-25 at 18:55 -0700, RFC Errata System wrote:
> The following errata report has been submitted for RFC7515,
> "JSON Web Signature (JWS)".
> 
> --------------------------------------
> You may review the report below and at:
> https://www.rfc-editor.org/errata/eid8430
> 
> --------------------------------------
> Type: Technical
> Reported by: Panos Kampanakis <[email protected]>
> 
> Section: A.1.1
> 
> Original Text
> -------------
> Encoding this JWS Signature as BASE64URL(JWS Signature) gives this value:
>      dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk
> 
> Corrected Text
> --------------
> [ I don't know what the signature is. 
> dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk is not base64url. ]
> 
> Notes
> -----
> Maybe it was the signature in ascii and needed to be converted to base4url?
> 
> Instructions:
> -------------
> This erratum is currently posted as "Reported". (If it is spam, it 
> will be removed shortly by the RFC Production Center.) Please
> use "Reply All" to discuss whether it should be verified or
> rejected. When a decision is reached, the verifying party  
> will log in to change the status and edit the report, if necessary.
> 
> --------------------------------------
> RFC7515 (draft-ietf-jose-json-web-signature-41)
> --------------------------------------
> Title               : JSON Web Signature (JWS)
> Publication Date    : May 2015
> Author(s)           : M. Jones, J. Bradley, N. Sakimura
> Category            : PROPOSED STANDARD
> Source              : Javascript Object Signing and Encryption
> Stream              : IETF
> Verifying Party     : IESG
> 
> _______________________________________________
> jose mailing list -- [email protected]
> To unsubscribe send an email to [email protected]

-- 
Simo Sorce
Distinguished Engineer
RHEL Crypto Team
Red Hat, Inc

_______________________________________________
jose mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to