Hacker News new | past | comments | ask | show | jobs | submit login

could it use a HTTPHeader style system instead to avoid the json serializing back and forth?



Just serialize, sign, pack the signature and the raw bytes of the serialization. Doesn't matter how, just gotta pack the raw bytes, not futz with it


You can even have a JSON object containing base64 fields for message and signature if you feel it really needs to be JSON all the way down for whatever reason.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: