Support for General JWS and rfc7797 (JWS w/ unencoded payload)

[nhartner]

I am currently using version 1 of JOSE with General JWS and unencoded payload. I'm looking to upgrade to Jose v3 for browser compatibility but noticing General JWS and unencoded payloads are not supported. Are there plans to support this in the future?

[panva]

noticing unencoded payloads are not supported

JWS Unencoded Payload Option is supported. What made you believe it is not? The moment you add the appropriate protected header parameters required by RFC7797 you will get JWS Unencoded Payloads.

General JWS serialization syntax

I don't have a concrete plan for the multi-recipient serialization syntaxes in v3.x, at least not yet. I haven't seen or been described a single useful scenario for them.

I think for General JWS you don't need a special kind of support since it already supports Flattened JSON. Verification becomes a simple forof loop of the top level payload with each of the signatures members properties until you get a pass. Signing becomes a matter of signing the same payload with multiple keys and forming the result object as you go along.

Which particular action for General JWS do you need, sign, or verify?

[nhartner]

Sorry, just meant to say General JWS wasn't supported (with or without unencoded payloads). I'm using both sign and verify.

[panva]

I've added General JWS Sign & Verify modules to v3.4.0. Unencoded Payloads are supported in all v3.x releases.

[nhartner]

Oh dang! Ask and ye shall receive. Thanks!

[panva]

Please consider supporting the library if it provides value to you or your company and this support was of help to you. Supporting the library means, amongst other things, that such support will be available in the future.