<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
FWIW, I've built a utility program that uses the Nimbus-JOSE-JWT
library to generate public and private keys, and it prettyprints the
resulting keys to the console:<br>
<br>
<a class="moz-txt-link-freetext" href="https://github.com/mitreid-connect/json-web-key-generator">https://github.com/mitreid-connect/json-web-key-generator</a><br>
<br>
-- Justin<br>
<br>
<div class="moz-cite-prefix">On 06/03/2013 05:06 PM, Edmund Jay
wrote:<br>
</div>
<blockquote
cite="mid:1370293599.67598.YahooMailRC@web184403.mail.bf1.yahoo.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<style type="text/css"><!-- DIV {margin:0px;} --></style>
<div style="font-family:tahoma,new
york,times,serif;font-size:10pt">
<div>Hi Mike,<br>
<br>
I've attached the JWKs for the private keys used by the client
and the server for signing.<br>
client.jwk is used by the client in section 2.2.2.2<br>
server.jwk is used by the server in sectino 2.2.6.1<br>
<br>
The public JWK key listed in section 2.2.6.1 is used to
validate the ID Token instead of the Request Object. <br>
<br>
BTW, the JWK's are generated using Nimbus-JOSE-JWT library
since I don't have one that supports private keys yet.<br>
<br>
<br>
<br>
-- Edmund<br>
</div>
<div style="font-family:tahoma, new york, times,
serif;font-size:10pt"><br>
<div style="font-family:times new roman, new york, times,
serif;font-size:12pt"><font face="Tahoma" size="2">
<hr size="1"><b><span style="font-weight: bold;">From:</span></b>
Mike Jones <a class="moz-txt-link-rfc2396E" href="mailto:Michael.Jones@microsoft.com"><Michael.Jones@microsoft.com></a><br>
<b><span style="font-weight: bold;">To:</span></b> Edmund
Jay <a class="moz-txt-link-rfc2396E" href="mailto:ejay@mgi1.com"><ejay@mgi1.com></a><br>
<b><span style="font-weight: bold;">Cc:</span></b>
<a class="moz-txt-link-rfc2396E" href="mailto:openid-specs-ab@lists.openid.net">"openid-specs-ab@lists.openid.net"</a>
<a class="moz-txt-link-rfc2396E" href="mailto:openid-specs-ab@lists.openid.net"><openid-specs-ab@lists.openid.net></a><br>
<b><span style="font-weight: bold;">Sent:</span></b> Mon,
June 3, 2013 8:13:00 AM<br>
<b><span style="font-weight: bold;">Subject:</span></b>
Keys used in Standard examples<br>
</font><br>
<style><!--
_filtered {font-family:Calibri;panose-1:2 15 5 2 2 2 4 3 2 4;}
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;margin-bottom:.0001pt;font-size:11.0pt;font-family:"Calibri", "sans-serif";}
a:link, span.MsoHyperlink
{color:blue;text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;text-decoration:underline;}
span.EmailStyle17
{font-family:"Calibri", "sans-serif";color:windowtext;}
.MsoChpDefault
{}
_filtered {margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{}
--></style>
<div class="WordSection1">
<p class="MsoNormal">Hi Edmund,</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Can you please send us the keys used
to sign the ID Tokens in the examples in Standard
2.2.6.1? If you have all the parts of the private key,
please send them – not just “d”, but also “p”, “q”,
“dp”, dq”, and “qi”. Likewise, please send the full
private key information for the keys used to sign the
requests in 2.2.2.2 and 2.2.6.1.</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">Also, can you confirm that the key
used in 2.2.6.1 is the one used to sign the requests,
and not the one used to sign the ID tokens?</p>
<p class="MsoNormal"> </p>
<p class="MsoNormal">
Thanks,</p>
<p class="MsoNormal">
-- Mike</p>
<p class="MsoNormal"> </p>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Openid-specs-ab mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Openid-specs-ab@lists.openid.net">Openid-specs-ab@lists.openid.net</a>
<a class="moz-txt-link-freetext" href="http://lists.openid.net/mailman/listinfo/openid-specs-ab">http://lists.openid.net/mailman/listinfo/openid-specs-ab</a>
</pre>
</blockquote>
<br>
</body>
</html>