Re: [security-dev] Implementing JSON Security

The German Researcher Axel Nennker created a separate project http://code.google.com/p/jsoncrypto/. He has given me commit rights so I can mavenize his project. On 07/31/2012 10:15 AM, Anil Saldhana wrote: > I created a wiki article. > https://docs.jboss.org/author/display/SECURITY/JSON+Security > > Will be adding more examples to this article. > > On 07/30/2012 11:22 AM, Anil Saldhana wrote: >> Hi All, >> as you know currently IETF is working on securing JSON. The drafts >> are all available here: >> http://datatracker.ietf.org/wg/jose/ >> >> So last week, I implemented at least the bare minimum we require to >> secure JSON. But encryption is tricky given that there are a lot of >> algorithms that are not yet available in the JDK implementation but are >> available via the BouncyCastle project. >> >> Look at the supported table: >> http://www.ietf.org/mail-archive/web/jose/current/msg00928.html >> >> While I was doing my implementation, I found out that there is a German >> researcher working on a project called xmldap.org and has implemented >> the drafts fully. He has been doing this for months. His license is MIT >> style. I have requested him to create a separate independent project >> for JOSE so everybody can reuse his work, rather than create umpteen >> implementations. He has agreed to work with me. >> http://ignisvulpis.blogspot.com/2012/06/ecdh-es-for-json-web-encryption.html >> >> Regards, >> Anil > _______________________________________________ > security-dev mailing list > security-dev(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/security-dev _______________________________________________ security-dev mailing list security-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/security-dev