While reviewing RFC 7515, whose "JWS Compact Serialization" inspired our signature format, I noted that their format is "URL safe" meaning the base64 strings are modified to avoid characters that are not allowed in a URL.
https://datatracker.ietf.org/doc/html/rfc7515#appendix-C
I wonder if our signature format, which is a series of base64 strings separated by periods, should also be made URL safe so that J could be submitted directly as a URL query parameter in a RESTful interface? The above reference gives an algorithm for transformation of base64 to/from "base64url".
AFAICT it should be possible for sign_unwrap() to support both base64 and base64url for a transition period.
While reviewing RFC 7515, whose "JWS Compact Serialization" inspired our signature format, I noted that their format is "URL safe" meaning the base64 strings are modified to avoid characters that are not allowed in a URL.
https://datatracker.ietf.org/doc/html/rfc7515#appendix-C
I wonder if our signature format, which is a series of base64 strings separated by periods, should also be made URL safe so that J could be submitted directly as a URL query parameter in a RESTful interface? The above reference gives an algorithm for transformation of base64 to/from "base64url".
AFAICT it should be possible for
sign_unwrap()to support both base64 and base64url for a transition period.