Add Trust Anchors to "ProviderAuthority" #3
Comments
|
It is imaginable rather representing entries in {
"s256": "0fCrhFwZRU_ea7lUWwRi3HkuyT2yF9IxN5xKh2khjlk",
"url": "https://example.com/trustme.cer"
}where |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In order to make Merchant on-boarding simpler,
ProviderAuthorityobjects could be augmented with trust anchors:{ "@context": "http://webpki.org/saturn/v3", "@qualifier": "ProviderAuthority", "httpVersion": "HTTP/1.1", "authorityUrl": "https://payments.mybank.com/authority", "homePage": "https://mybank.com", "serviceUrl": "https://payments.mybank.com/service", "extensions": { "http://webpki.org/saturn/v3/extensions#hybrid": "https://payments.mybank.com/hybridpay" }, "paymentMethods": ["https://sepa.payments.org","https://ultragiro.se"], "signatureProfiles": ["http://webpki.org/saturn/v3/signatures#P-256.ES256"], "encryptionParameters": [{ "dataEncryptionAlgorithm": "A128CBC-HS256", "keyEncryptionAlgorithm": "ECDH-ES", "publicKey": { "kty": "EC", "crv": "P-256", "x": "TfCrhFwZRU_ea7lUWwRi3HkuyT2yF9IxN5xKh2khjlk", "y": "nZFwxLP0TvFXD2xPKzRTIGevgLjpiMw2BP86hszj5x4" } }], "trustAnchors": ["MIIBtTCCAVmgAwIB....3FwxFeOawwmz1bM6"], "timeStamp": "2017-09-28T05:06:23Z", "expires": "2017-09-28T06:06:24Z", "signature": { "algorithm": "ES256", "signerCertificate": { "issuer": "CN=Payment Network Sub CA3,C=EU", "serialNumber": "1461174553809", "subject": "CN=mybank.com,2.5.4.5=#130434353031,C=FR" }, "certificatePath": ["MIIBtTCCAVmgAwIB....3FwxFeOawwmz1bM6","MIIDcjCCAVqgAwIB....e_-5TddhlTUMNPvw"], "value": "mY1RjqTjnTGDwedG7FUQWbYKaeowrNH5....DbUcBYBteg9VpwzaIXW477mE2QVdix0w" } }The assumption is that signatures must contain all certificates except for the trust anchor.
The text was updated successfully, but these errors were encountered: