<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
        {font-family:Wingdings;
        panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
        {font-family:Wingdings;
        panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
        {font-family:Verdana;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
tt
        {mso-style-priority:99;
        font-family:"Courier New";
        color:#003366;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
        {mso-style-priority:99;
        mso-style-link:"Balloon Text Char";
        margin:0in;
        margin-bottom:.0001pt;
        font-size:8.0pt;
        font-family:"Tahoma","sans-serif";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
        {mso-style-priority:34;
        margin-top:0in;
        margin-right:0in;
        margin-bottom:0in;
        margin-left:.5in;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif";}
span.EmailStyle19
        {mso-style-type:personal;
        font-family:"Calibri","sans-serif";
        color:windowtext;}
span.EmailStyle20
        {mso-style-type:personal;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
span.EmailStyle21
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#002060;}
span.BalloonTextChar
        {mso-style-name:"Balloon Text Char";
        mso-style-priority:99;
        mso-style-link:"Balloon Text";
        font-family:"Tahoma","sans-serif";}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
/* List Definitions */
@list l0
        {mso-list-id:881669544;
        mso-list-template-ids:1057917144;}
@list l0:level1
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l0:level2
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:1.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:"Courier New";
        mso-bidi-font-family:"Times New Roman";}
@list l0:level3
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:1.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level4
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:2.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level5
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:2.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level6
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:3.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level7
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:3.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level8
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:4.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l0:level9
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:4.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l1
        {mso-list-id:882987467;
        mso-list-type:hybrid;
        mso-list-template-ids:768357060 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l1:level1
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l1:level2
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:"Courier New";}
@list l1:level3
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
@list l1:level4
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l1:level5
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:"Courier New";}
@list l1:level6
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
@list l1:level7
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l1:level8
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:"Courier New";}
@list l1:level9
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
@list l2
        {mso-list-id:1546599182;
        mso-list-type:hybrid;
        mso-list-template-ids:-2044428630 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l2:level1
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l2:level2
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:"Courier New";}
@list l2:level3
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
@list l2:level4
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l2:level5
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:"Courier New";}
@list l2:level6
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
@list l2:level7
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Symbol;}
@list l2:level8
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:"Courier New";}
@list l2:level9
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:none;
        mso-level-number-position:left;
        text-indent:-.25in;
        font-family:Wingdings;}
@list l3
        {mso-list-id:1708795006;
        mso-list-template-ids:1747075698;}
@list l3:level1
        {mso-level-number-format:bullet;
        mso-level-text:\F0B7;
        mso-level-tab-stop:.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Symbol;}
@list l3:level2
        {mso-level-number-format:bullet;
        mso-level-text:o;
        mso-level-tab-stop:1.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:"Courier New";
        mso-bidi-font-family:"Times New Roman";}
@list l3:level3
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:1.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l3:level4
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:2.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l3:level5
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:2.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l3:level6
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:3.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l3:level7
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:3.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l3:level8
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:4.0in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
@list l3:level9
        {mso-level-number-format:bullet;
        mso-level-text:\F0A7;
        mso-level-tab-stop:4.5in;
        mso-level-number-position:left;
        text-indent:-.25in;
        mso-ansi-font-size:10.0pt;
        font-family:Wingdings;}
ol
        {margin-bottom:0in;}
ul
        {margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#002060">FYI, I also posted about this at
<a href="http://self-issued.info/?p=759">http://self-issued.info/?p=759</a>, if you want to reference it.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#002060"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#002060">                                                                -- Mike<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#002060"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> openid-specs-ab-bounces@lists.openid.net [mailto:openid-specs-ab-bounces@lists.openid.net]
<b>On Behalf Of </b>Mike Jones<br>
<b>Sent:</b> Friday, July 06, 2012 10:28 AM<br>
<b>To:</b> openid-specs-ab@lists.openid.net<br>
<b>Subject:</b> [Openid-specs-ab] FW: Updated versions of JOSE and JWT specifications<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">
<a href="mailto:jose-bounces@ietf.org">jose-bounces@ietf.org</a> <a href="mailto:[mailto:jose-bounces@ietf.org]">
[mailto:jose-bounces@ietf.org]</a> <b>On Behalf Of </b>Mike Jones<br>
<b>Sent:</b> Friday, July 06, 2012 10:26 AM<br>
<b>To:</b> <a href="mailto:jose@ietf.org">jose@ietf.org</a><br>
<b>Subject:</b> [jose] Updated versions of JOSE and JWT specifications<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">New versions of the JSON WEB {Signature,Encryption,Key,Algorithms,Token} (JWS, JWE, JWK, JWA, JWT) specifications have been released.  These versions incorporate numerous suggestions from working group members and developers that clarify
 the intent of the specifications and make them easier to read and implement.  In particular, the JWE spec now includes encryption and key derivation examples for a number of algorithms that have been verified in multiple independent implementations.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I’ve worked to close out all the former “TBD” items in the specs, bringing them up to an editorially complete state, in preparation for working group last call.  As with previous releases, see the “Open Issues” sections for a small number
 of discussion points that I believe merit working group attention.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I also applied the changes made to the JOSE specs to the related individual submission JWS JSON Serialization and JWE JSON Serialization specs, which enable multiple recipients.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The working group specifications are available at:<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in;mso-list:l2 level1 lfo1"><![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">        
</span></span></span><![endif]><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-03">http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-03</a><o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in;mso-list:l2 level1 lfo1"><![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">        
</span></span></span><![endif]><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-03">http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-03</a><o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in;mso-list:l2 level1 lfo1"><![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">        
</span></span></span><![endif]><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-key-03">http://tools.ietf.org/html/draft-ietf-jose-json-web-key-03</a><o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in;mso-list:l2 level1 lfo1"><![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">        
</span></span></span><![endif]><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-03">http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-03</a><o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in;mso-list:l2 level1 lfo1"><![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">        
</span></span></span><![endif]><a href="http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-01">http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-01</a><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The individual submission specifications are available at:<o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in;mso-list:l1 level1 lfo2"><![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">        
</span></span></span><![endif]><a href="http://tools.ietf.org/html/draft-jones-json-web-signature-json-serialization-02">http://tools.ietf.org/html/draft-jones-json-web-signature-json-serialization-02</a><o:p></o:p></p>
<p class="MsoListParagraph" style="text-indent:-.25in;mso-list:l1 level1 lfo2"><![if !supportLists]><span style="font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">        
</span></span></span><![endif]><a href="http://tools.ietf.org/html/draft-jones-json-web-encryption-json-serialization-02">http://tools.ietf.org/html/draft-jones-json-web-encryption-json-serialization-02</a><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The document history entries (also in the specifications) are as follows:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-03">http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-03</a><o:p></o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added the
</span><span lang="EN" style="font-family:"Courier New";color:#003366">cty</span><span lang="EN" style="font-family:"Verdana","sans-serif""> (content type) header parameter for declaring type information about the secured content, as opposed to the
</span><span lang="EN" style="font-family:"Courier New";color:#003366">typ</span><span lang="EN" style="font-family:"Verdana","sans-serif""> (type) header parameter, which declares type information about this object.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added "Collision Resistant Namespace" to the terminology section.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Reference ITU.X690.1994 for DER encoding.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added an example JWS using ECDSA P-521 SHA-512. This has particular illustrative value because of the use of the 521 bit integers in
 the key and signature values. This is also an example in which the payload is not a base64url encoded JSON object.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added an example
</span><span lang="EN" style="font-family:"Courier New";color:#003366">x5c</span><span lang="EN" style="font-family:"Verdana","sans-serif""> value.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">No longer say "the UTF-8 representation of the JWS Secured Input (which is the same as the ASCII representation)". Just call it "the
 ASCII representation of the JWS Secured Input". <o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added Registration Template sections for defined registries.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added Registry Contents sections to populate registry values.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Changed name of the JSON Web Signature and Encryption "typ" Values registry to be the JSON Web Signature and Encryption Type Values
 registry, since it is used for more than just values of the </span><span lang="EN" style="font-family:"Courier New";color:#003366">typ</span><span lang="EN" style="font-family:"Verdana","sans-serif""> parameter.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Moved registries JSON Web Signature and Encryption Header Parameters and JSON Web Signature and Encryption Type Values to the JWS specification.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Numerous editorial improvements.
<o:p></o:p></span></li></ul>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-03">http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-03</a><o:p></o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added the
</span><span lang="EN" style="font-family:"Courier New";color:#003366">kdf</span><span lang="EN" style="font-family:"Verdana","sans-serif""> (key derivation function) header parameter to provide crypto agility for key derivation. The default KDF remains the
 Concat KDF with the SHA-256 digest function. <o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Reordered encryption steps so that the Encoded JWE Header is always created before it is needed as an input to the AEAD "additional
 authenticated data" parameter. <o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added the
</span><span lang="EN" style="font-family:"Courier New";color:#003366">cty</span><span lang="EN" style="font-family:"Verdana","sans-serif""> (content type) header parameter for declaring type information about the secured content, as opposed to the
</span><span lang="EN" style="font-family:"Courier New";color:#003366">typ</span><span lang="EN" style="font-family:"Verdana","sans-serif""> (type) header parameter, which declares type information about this object.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Moved description of how to determine whether a header is for a JWS or a JWE from the JWT spec to the JWE spec.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added complete encryption examples for both AEAD and non-AEAD algorithms.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added complete key derivation examples.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added "Collision Resistant Namespace" to the terminology section.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Reference ITU.X690.1994 for DER encoding.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added Registry Contents sections to populate registry values.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Numerous editorial improvements.<o:p></o:p></span></li></ul>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-key-03">http://tools.ietf.org/html/draft-ietf-jose-json-web-key-03</a><o:p></o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Clarified that
</span><span lang="EN" style="font-family:"Courier New";color:#003366">kid</span><span lang="EN" style="font-family:"Verdana","sans-serif""> values need not be unique within a JWK Set.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Moved JSON Web Key Parameters registry to the JWK specification.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added "Collision Resistant Namespace" to the terminology section.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Changed registration requirements from RFC Required to Specification Required with Expert Review.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added Registration Template sections for defined registries.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added Registry Contents sections to populate registry values.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Numerous editorial improvements.
<o:p></o:p></span></li></ul>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a href="http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-03">http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-03</a><o:p></o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Always use a 128 bit "authentication tag" size for AES GCM, regardless of the key size.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Specified that use of a 128 bit IV is REQUIRED with AES CBC. It was previously RECOMMENDED.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Removed key size language for ECDSA algorithms, since the key size is implied by the algorithm being used.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Stated that the
</span><span lang="EN" style="font-family:"Courier New";color:#003366">int</span><span lang="EN" style="font-family:"Verdana","sans-serif""> key size must be the same as the hash output size (and not larger, as was previously allowed) so that its size is defined
 for key generation purposes. <o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added the
</span><span lang="EN" style="font-family:"Courier New";color:#003366">kdf</span><span lang="EN" style="font-family:"Verdana","sans-serif""> (key derivation function) header parameter to provide crypto agility for key derivation. The default KDF remains the
 Concat KDF with the SHA-256 digest function. <o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Clarified that the
</span><span lang="EN" style="font-family:"Courier New";color:#003366">mod</span><span lang="EN" style="font-family:"Verdana","sans-serif""> and
</span><span lang="EN" style="font-family:"Courier New";color:#003366">exp</span><span lang="EN" style="font-family:"Verdana","sans-serif""> values are unsigned.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added Implementation Requirements columns to algorithm tables and Implementation Requirements entries to algorithm registries.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Changed AES Key Wrap to RECOMMENDED.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Moved registries JSON Web Signature and Encryption Header Parameters and JSON Web Signature and Encryption Type Values to the JWS specification.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Moved JSON Web Key Parameters registry to the JWK specification.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Changed registration requirements from RFC Required to Specification Required with Expert Review.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added Registration Template sections for defined registries.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added Registry Contents sections to populate registry values.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">No longer say "the UTF-8 representation of the JWS Secured Input (which is the same as the ASCII representation)". Just call it "the
 ASCII representation of the JWS Secured Input". <o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added "Collision Resistant Namespace" to the terminology section.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Numerous editorial improvements.
<o:p></o:p></span></li></ul>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a href="http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-01">http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-01</a><o:p></o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added the
</span><span lang="EN" style="font-family:"Courier New";color:#003366">cty</span><span lang="EN" style="font-family:"Verdana","sans-serif""> (content type) header parameter for declaring type information about the secured content, as opposed to the
</span><span lang="EN" style="font-family:"Courier New";color:#003366">typ</span><span lang="EN" style="font-family:"Verdana","sans-serif""> (type) header parameter, which declares type information about this object. This significantly simplified nested JWTs.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Moved description of how to determine whether a header is for a JWS or a JWE from the JWT spec to the JWE spec.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Changed registration requirements from RFC Required to Specification Required with Expert Review.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added Registration Template sections for defined registries.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added Registry Contents sections to populate registry values.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Added "Collision Resistant Namespace" to the terminology section.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Numerous editorial improvements.<o:p></o:p></span></li></ul>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a href="http://tools.ietf.org/html/draft-jones-json-web-signature-json-serialization-02">http://tools.ietf.org/html/draft-jones-json-web-signature-json-serialization-02</a><o:p></o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:black;mso-list:l3 level1 lfo3"><span lang="EN" style="font-family:"Verdana","sans-serif"">Tracked editorial changes made to the JWS spec.<o:p></o:p></span></li></ul>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><a href="http://tools.ietf.org/html/draft-jones-json-web-encryption-json-serialization-02">http://tools.ietf.org/html/draft-jones-json-web-encryption-json-serialization-02</a><o:p></o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="color:black;mso-list:l0 level1 lfo4"><span lang="EN" style="font-family:"Verdana","sans-serif"">Updated examples to track updated algorithm properties in the JWA spec.
<o:p></o:p></span></li><li class="MsoNormal" style="color:black;mso-list:l0 level1 lfo4"><span lang="EN" style="font-family:"Verdana","sans-serif"">Tracked editorial changes made to the JWE spec.<o:p></o:p></span></li></ul>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Special thanks to Axel Nennker, Emmanuel Raviart, Brian Campbell, and Edmund Jay for validating the JWE examples!<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">                                                            -- Mike<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>