[security-dev] securing JSON
Anil Saldhana
Anil.Saldhana at redhat.com
Tue Jul 31 17:48:41 EDT 2012
On 07/31/2012 04:00 PM, Bill Burke wrote:
> I think you should contribute to the Jackson project to implement JSON
> security. I'm assuming JSON security means encrypting various pieces of
> a json document? all the stuff we have in XML land?
The idea is to encrypt content (arbitrary bytes) and send it as part
of a json construct. Unlike the xml document scenarios, where you
want to encrypt parts. There is currently a BSD style implementation
of json security drafts by a German researcher, that I have requested
to be made into an independent project. Then Jackson or any other
project that intends to have json signature/encryption can get this
functionality via this independent library.
>
> Also, I still never understood why somebody would want a partial
> encryption of a document. Why not just send it via S/MIME?
>
Bill, time for you to submit a IETF draft to datatracker.ietf.org/wg/jose/
More information about the security-dev
mailing list