subject:"\[OAUTH\-WG\] FW\: Salmon signatures proposal \- base64url"

Re: [OAUTH-WG] FW: Salmon signatures proposal - base64url

2010-02-11 Thread John Panzer

James, Thanks for the feedback. +salmon-proto...@googlegroups.com bcc:oauth@ietf.org -- John Panzer / Google jpan...@google.com / abstractioneer.org / @jpanzer On Wed, Feb 10, 2010 at 10:59 PM, Manger, James H < james.h.man...@team.telstra.com> wrote: > John

Re: [OAUTH-WG] FW: Salmon signatures proposal - base64url

2010-02-10 Thread John Panzer

Thanks! On Wednesday, February 10, 2010, Manger, James H wrote: > John, > > I like your choice of base64url as a way to armour binary data and avoid > escaping issues. > > It might be nicer to sign the bytes that get armoured, instead of the ASCII > output of the armouring. > I don't think this

Re: [OAUTH-WG] FW: Salmon signatures proposal - base64url

2010-02-10 Thread Eran Hammer-Lahav

February 10, 2010 10:59 PM > To: OAuth WG (oauth@ietf.org); John Panzer > Subject: Re: [OAUTH-WG] FW: Salmon signatures proposal - base64url > > John, > > I like your choice of base64url as a way to armour binary data and avoid > escaping issues. > > It might be ni

Re: [OAUTH-WG] FW: Salmon signatures proposal - base64url

2010-02-10 Thread Manger, James H

John, I like your choice of base64url as a way to armour binary data and avoid escaping issues. It might be nicer to sign the bytes that get armoured, instead of the ASCII output of the armouring. I don't think this compromises the robustness aim of Magic Signatures. It would mean you sign the