
<html>

<head>

<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">

<style>

<!--

@font-face

        {font-family:Wingdings}

@font-face

        {font-family:Wingdings}

@font-face

        {font-family:Calibri}

@font-face

        {font-family:Tahoma}

p.MsoNormal, li.MsoNormal, div.MsoNormal

        {margin:0cm;

        margin-bottom:.0001pt;

        font-size:11.0pt;

        font-family:"Calibri","sans-serif"}

a:link, span.MsoHyperlink

        {color:blue;

        text-decoration:underline}

a:visited, span.MsoHyperlinkFollowed

        {color:purple;

        text-decoration:underline}

p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph

        {margin-top:0cm;

        margin-right:0cm;

        margin-bottom:0cm;

        margin-left:36.0pt;

        margin-bottom:.0001pt;

        font-size:11.0pt;

        font-family:"Calibri","sans-serif"}

span.EmailStyle18

        {font-family:"Calibri","sans-serif";

        color:windowtext}

span.EmailStyle19

        {font-family:"Calibri","sans-serif";

        color:#002060}

span.EmailStyle20

        {font-family:"Calibri","sans-serif";

        color:#1F497D}

.MsoChpDefault

        {font-size:10.0pt}

@page WordSection1

        {margin:72.0pt 72.0pt 72.0pt 72.0pt}

div.WordSection1

        {}

ol

        {margin-bottom:0cm}

ul

        {margin-bottom:0cm}

-->

</style>

</head>

<body lang="EN-US" link="blue" vlink="purple">

<div>

<div style="font-family:Calibri,sans-serif; font-size:11pt">Yes. The int and kdf parameters will be removed from the next draft.<br>

<br>

Thanks,<br>

-- Mike<br>

<br>

</div>

</div>

<hr>

<span style="font-family:Tahoma,sans-serif; font-size:10pt; font-weight:bold">From:

</span><span style="font-family:Tahoma,sans-serif; font-size:10pt">Axel.Nennker@telekom.de</span><br>

<span style="font-family:Tahoma,sans-serif; font-size:10pt; font-weight:bold">Sent:

</span><span style="font-family:Tahoma,sans-serif; font-size:10pt">9/4/2012 1:53 PM</span><br>

<span style="font-family:Tahoma,sans-serif; font-size:10pt; font-weight:bold">To:

</span><span style="font-family:Tahoma,sans-serif; font-size:10pt">Mike Jones; ejay@mgi1.com; emmanuel@raviart.com; bcampbell@pingidentity.com</span><br>

<span style="font-family:Tahoma,sans-serif; font-size:10pt; font-weight:bold">Cc:

</span><span style="font-family:Tahoma,sans-serif; font-size:10pt">openid-connect-interop@googlegroups.com; openid-specs-ab@lists.openid.net</span><br>

<span style="font-family:Tahoma,sans-serif; font-size:10pt; font-weight:bold">Subject:

</span><span style="font-family:Tahoma,sans-serif; font-size:10pt">RE: Updated JWE encryption examples</span><br>

<br>

<div>

<div class="WordSection1">

<p class="MsoNormal"><span style="color:#1F497D">I will finish this tomorrow. Is the “int” parameter removed from the header altogether? Kdf too?</span></p>

<p class="MsoNormal"><span style="color:#1F497D">I checked the changes into the jsoncrypto repository but my development laptop crashed and I could not complete all tests.</span></p>

<p class="MsoNormal"><span style="color:#1F497D"> </span></p>

<p class="MsoNormal"><span style="color:#1F497D">Axel</span></p>

<p class="MsoNormal"><span style="color:#1F497D"> </span></p>

<div>

<div style="border:none; border-top:solid #B5C4DF 1.0pt; padding:3.0pt 0cm 0cm 0cm">

<p class="MsoNormal"><b><span style="font-size:10.0pt; font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt; font-family:"Tahoma","sans-serif""> Mike Jones [mailto:Michael.Jones@microsoft.com]

<br>

<b>Sent:</b> Tuesday, September 04, 2012 8:56 PM<br>

<b>To:</b> Edmund Jay; Emmanuel Raviart; Brian Campbell; Nennker, Axel<br>

<b>Cc:</b> openid-connect-interop@googlegroups.com; openid-specs-ab@lists.openid.net<br>

<b>Subject:</b> Re: Updated JWE encryption examples</span></p>

</div>

</div>

<p class="MsoNormal"> </p>

<p class="MsoNormal"><span style="color:#002060">Have any of you tried decrypting these updated examples?  I plan on using them in the next release of the JWE spec, but would like confirmation that they’re correct.</span></p>

<p class="MsoNormal"><span style="color:#002060"> </span></p>

<p class="MsoNormal"><span style="color:#002060">                                                                Thanks again,</span></p>

<p class="MsoNormal"><span style="color:#002060">                                                                -- Mike</span></p>

<p class="MsoNormal"><span style="color:#002060"> </span></p>

<div>

<div style="border:none; border-top:solid #B5C4DF 1.0pt; padding:3.0pt 0cm 0cm 0cm">

<p class="MsoNormal"><b><span style="font-size:10.0pt; font-family:"Tahoma","sans-serif"">From:</span></b><span style="font-size:10.0pt; font-family:"Tahoma","sans-serif""> openid-connect-interop@googlegroups.com [mailto:openid-connect-interop@googlegroups.com]

<b>On Behalf Of </b>Mike Jones<br>

<b>Sent:</b> Wednesday, August 29, 2012 10:12 PM<br>

<b>To:</b> Edmund Jay; Emmanuel Raviart; Brian Campbell; Axel Nennker<br>

<b>Cc:</b> openid-connect-interop@googlegroups.com; openid-specs-ab@lists.openid.net<br>

<b>Subject:</b> Updated JWE encryption examples</span></p>

</div>

</div>

<p class="MsoNormal"> </p>

<p class="MsoNormal">Here’s updated encryption examples incorporating the proposed JWE/JWA changes.  In summary, changes in these computations are:</p>

<p class="MsoListParagraph" style="text-indent:-18.0pt"><span style="font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">        

</span></span></span>Updated the Concat KDF calculation, per yesterday’s e-mail</p>

<p class="MsoListParagraph" style="text-indent:-18.0pt"><span style="font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">        

</span></span></span>Consolidated the “enc”, “int”, and “kdf” parameters into a composite “enc” parameter, with new AES CBC “enc” values

<span style="color:#1F497D">“A128CBC+HS256” and “A256CBC+HS512”</span></p>

<p class="MsoListParagraph" style="text-indent:-18.0pt"><span style="font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">        

</span></span></span><span style="color:#1F497D">Moved initialization vector out of the header into its own dot-separated parameter value (to save space and to factor it out for the JSON Serialization), with the JWE representation becoming header.encryptedKey.initializationVector.ciphertext.integrityValue</span></p>

<p class="MsoNormal"> </p>

<p class="MsoNormal">The examples attached are:</p>

<p class="MsoListParagraph" style="text-indent:-18.0pt"><span style="font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">        

</span></span></span>JWE.log:  Will be used to create the new AES-CBC example in Section 3.2 and Appendix A.2 of the JWE specification</p>

<p class="MsoListParagraph" style="text-indent:-18.0pt"><span style="font-family:Symbol"><span style="">·<span style="font:7.0pt "Times New Roman"">        

</span></span></span>JWE2.log:  Will be used to create the new AES-GCM example in Section 3.1 and Appendix A.1 of the JWE specification</p>

<p class="MsoNormal"> </p>

<p class="MsoNormal">It would be great if any of you can verify that you can decrypt these results!</p>

<p class="MsoNormal"> </p>

<p class="MsoNormal">                                                            Thanks again,</p>

<p class="MsoNormal">                                                            -- Mike</p>

<p class="MsoNormal"> </p>

</div>

</div>

</body>

</html>