[OAUTH-WG] JSON Web Token (JWT) and JSON Web Signature (JWS) now in separate specs

Mike Jones Michael.Jones at microsoft.com
Mon Mar 28 09:28:51 UTC 2011 

These are now published as IETF drafts.  The IETF .txt version links are:
               http://www.ietf.org/id/draft-jones-json-web-token-03.txt
               http://www.ietf.org/id/draft-jones-json-web-signature-01.txt

                                                            -- Mike

From: oauth-bounces at ietf.org [mailto:oauth-bounces at ietf.org] On Behalf Of Mike Jones
Sent: Friday, March 25, 2011 10:26 PM
To: oauth at ietf.org; woes at ietf.org; openid-specs-ab at lists.openid.net
Cc: openid-specs at lists.openid.net
Subject: [OAUTH-WG] JSON Web Token (JWT) and JSON Web Signature (JWS) now in separate specs

As promised, I have split the contents of the JWT spec draft-jones-json-web-token-01<http://self-issued.info/docs/draft-jones-json-web-token-01.html> into two simpler specs:
                draft-jones-json-web-token-02<http://self-issued.info/docs/draft-jones-json-web-token-02.html>
                draft-jones-json-web-signature-00<http://self-issued.info/docs/draft-jones-json-web-signature-00.html>
These should have introduced no semantic changes from the previous spec.

I then applied the feedback that I received since JWT -01 and created revised versions of the split specs:
                draft-jones-json-web-token-03<http://self-issued.info/docs/draft-jones-json-web-token-03.html>
                draft-jones-json-web-signature-01<http://self-issued.info/docs/draft-jones-json-web-signature-01.html>
The only breaking change introduced was that x5t (X.509 Certificate Thumbprint) is now a SHA-1 hash of the DER-encoded certificate, rather than a SHA-256 has, as SHA-1 is the prevailing existing practice for certificate thumbprint calculations.  See the Document History sections for details on each change made.

.txt and .xml versions are also available.  I plan to publish these as IETF drafts once the submission window re-opens on Monday.  Feedback welcome!

                                                            -- Mike

P.S.  Yes, work on the companion encryption spec is now under way...

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs/attachments/20110328/d694f743/attachment.html>

More information about the specs mailing list