diff --git a/docs/PRIMARY_PROTOCOL.md b/docs/PRIMARY_PROTOCOL.md index c0d31fbdfedb3d50176bc1e2cf30cb70ff07e92d..ff13f32252478697dc287a8571d236df28cb2f2a 100644 --- a/docs/PRIMARY_PROTOCOL.md +++ b/docs/PRIMARY_PROTOCOL.md @@ -285,8 +285,18 @@ authentication page should include a javascript shim, hosted at: ### 6.1 Public Key Format -BrowserID public keys make use of Cryptographic Algorithms for JWS as [listed here](http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-00.html#SigningAlgs). -The private/public key pair can be generated using OpenSSL. +The public key is a JSON Web Algorihtms (JWA) public key as [listed here](http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-00.html#SigningAlgs). +This is a private/public key pair than can be generated using OpenSSL. The +EyeDeeMe service has a [.well-known/browserid document](https://eyedee.me/.well-known/browserid) +that shows exactly what the [Mozilla Wiki](https://wiki.mozilla.org/Identity/BrowserID#Public_Key) +means in the example. + +Generate a public key JSON document in Ruby: + + private_key = OpenSSL::PKey::RSA.new(1024) + public_key = private_key.public_key + {"algorithm"=> "RS", "n" => public_key.n.to_s, "e" => public_key.e.to_s }.to_json + ### 6.2 Certificate Format
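Review bot: The Ruby example added under 6.1 generates the key with `OpenSSL::PKey::RSA.new(1024)`. A 1024-bit RSA modulus is below the commonly recommended 2048-bit minimum, and readers tend to copy documentation samples unchanged, so suggest `OpenSSL::PKey::RSA.new(2048)`. The snippet also needs `require 'openssl'` and `require 'json'` to run as written. It should state that only the public key JSON is published and that `private_key` must be kept secret. In the prose, "This is a private/public key pair" conflicts with the preceding sentence, which describes the public key only. "Algorihtms" and "than can be" are typos. The hunk also leaves two blank lines before `### 6.2`.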