Skip to content

feat(canonical): RFC 8785 (JCS) canonicalization#25

Merged
imran-siddique merged 1 commit into
mainfrom
feat/rfc8785-canonical
Jul 1, 2026
Merged

feat(canonical): RFC 8785 (JCS) canonicalization#25
imran-siddique merged 1 commit into
mainfrom
feat/rfc8785-canonical

Conversation

@imran-siddique

Copy link
Copy Markdown
Contributor

What

ca2a_runtime.canonical.canonicalize implements RFC 8785 (JSON Canonicalization Scheme) for the value types cA2A signs. Credential and provenance bodies are now signed over the JCS encoding, so cA2A signatures are cross-verifiable with agent-manifest.

  • UTF-16 key ordering, JCS minimal string escaping, non-ASCII emitted literally as UTF-8, shortest-decimal integers, floats rejected.
  • ASCII credentials are byte-identical to the previous encoding, so existing signatures and the committed examples/minimal/chain.json still verify.

Suite: 99 passed, 99% coverage.

Closes #17

🤖 Generated with Claude Code

Add ca2a_runtime.canonical.canonicalize implementing the JSON Canonicalization
Scheme for the value types cA2A signs (objects, arrays, strings, integers,
booleans, null): UTF-16 key ordering, JCS minimal string escaping, non-ASCII
emitted literally as UTF-8, shortest-decimal integers, floats rejected.

Credential and provenance bodies are now signed over the JCS encoding via
canonical_bytes, so cA2A signatures are cross-verifiable with agent-manifest.
ASCII credentials are byte-identical to the previous encoding, so existing
signatures and the committed example chain still verify. Suite: 99 passed.

Closes #17

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@imran-siddique imran-siddique merged commit bf09f29 into main Jul 1, 2026
11 checks passed
@imran-siddique imran-siddique deleted the feat/rfc8785-canonical branch July 1, 2026 18:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

spec: full RFC 8785 canonicalization alignment with agent-manifest

1 participant