Format of JWS to manage MTB public keys
Keys shall be delivered within a JSON structure signed using JWS (RFC 7515) with the following parameters and content:
The JWS Protected Header shall contain the following fields:
{
  "alg": "ES256",
  "kid": string <kid of the key-management key, supplied by the AB>,
  "authid": string <Participant's ID (PID)>,
  "notvalidafter": string (ISO 8601),
  "serial": integer (serialNumber)
}
The JWS Payload shall contain the following fields:
{
  "addMtbPublicKeys": [ JWK Object, JWK Object .. JWK Object ],
    (only new keys; existing keys still in use shall not be listed again)
  "delMtbPublicKeys": [ JWK Object kid, JWK Object kid .. JWK Object kid ]
    (if no keys are to be removed, this field can be omitted)
}
The JWS shall be formatted in the JWS compact serialization format according to RFC 7515, section 3.1:
BASE64URL(UTF8(JWS Protected Header)) || '.' ||
BASE64URL(JWS Payload) || '.' ||
BASE64URL(JWS Signature)
Notes:
A JWK with an existing kid is skipped, as you can't update a specific key. To do an update, the existing key must be removed and a new one defined.
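The receiving side of this format, as an added example that is not part of the BoB specification: it splits the compact serialization, checks the protected header fields listed above, pins alg to ES256, enforces notvalidafter, and applies the payload with the skip-on-existing-kid rule from the notes. The function names, the caller-supplied verify_sig callback (the Python standard library has no ECDSA), applying removals before additions, and treating a timestamp without offset as UTC are assumptions.

```python
import base64, json
from datetime import datetime, timezone

HEADER_TYPES = {"alg": str, "kid": str, "authid": str, "notvalidafter": str, "serial": int}

def b64url_decode(part):
    # Compact serialization strips '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def make_compact(header, payload, signature):
    # Helper for building constructed test input; it does not sign anything.
    enc = lambda raw: base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([enc(json.dumps(header).encode()), enc(json.dumps(payload).encode()), enc(signature)])

def parse_key_update(jws, verify_sig, now=None):
    """Return (header, payload) or raise ValueError. verify_sig(kid, signing_input, signature)
    is caller-supplied (assumption) and must do the ECDSA P-256/SHA-256 check for that kid."""
    parts = jws.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    header = json.loads(b64url_decode(parts[0]))
    for name, typ in HEADER_TYPES.items():
        value = header.get(name) if isinstance(header, dict) else None
        if not isinstance(value, typ) or isinstance(value, bool):
            raise ValueError(f"missing or mistyped header field: {name}")
    if header["alg"] != "ES256":  # pin the algorithm instead of trusting the header
        raise ValueError("alg must be ES256")
    signature = b64url_decode(parts[2])
    signing_input = f"{parts[0]}.{parts[1]}".encode("ascii")
    if len(signature) != 64 or not verify_sig(header["kid"], signing_input, signature):
        raise ValueError("signature rejected")  # ES256 signatures are R || S, 64 bytes
    expiry = datetime.fromisoformat(header["notvalidafter"].replace("Z", "+00:00"))
    if expiry.tzinfo is None:  # assumption: a timestamp without offset is UTC
        expiry = expiry.replace(tzinfo=timezone.utc)
    if (now or datetime.now(timezone.utc)) > expiry:
        raise ValueError("update is past notvalidafter")
    return header, json.loads(b64url_decode(parts[1]))

def apply_key_update(store, payload):
    """Mutate store (kid -> JWK); return the kids skipped because they already exist."""
    for kid in payload.get("delMtbPublicKeys", []):  # field may be omitted
        store.pop(kid, None)  # assumption: removals are applied before additions
    skipped = []
    for jwk in payload.get("addMtbPublicKeys", []):
        if jwk["kid"] in store:
            skipped.append(jwk["kid"])  # an existing kid is never overwritten
        else:
            store[jwk["kid"]] = jwk
    return skipped
```

The payload is parsed only after the signature and notvalidafter checks pass, so an unauthenticated or expired update never reaches the key store.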