[Openid-specs-ab] OpenID specs updated to track JWE changes

[Mike Jones]

As most of you know, the format of encrypted JWE objects changed in draft-ietf-jose-json-web-encryption-06<http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-06> last month.  The primary changes were to eliminate the "int" (integrity) parameter and to create consolidated "A128CBC+HS256" and "A256CBC+HS512" algorithms.  As a result, I've updated the Open Connect specs to match.  Also, to address issue #614<https://bitbucket.org/openid/connect/issue/614> and issue #673<https://bitbucket.org/openid/connect/issue/673>, the parameters used for requesting signed and encrypted objects were reworked to provide finer grained control and more naming consistency.  Parameter changes were:

Parameters changed:
               userinfo_algs_supported ->
                              userinfo_signing_alg_values_supported
                              userinfo_encryption_alg_values_supported
                              userinfo_encryption_enc_values_supported
               id_token_algs_supported ->
                              id_token_signing_alg_values_supported
                              id_token_encryption_alg_values_supported
                              id_token_encryption_enc_values_supported
               request_object_algs_supported ->
                              request_object_signing_alg_values_supported
                              request_object_encryption_alg_values_supported
                              request_object_encryption_enc_values_supported
               token_endpoint_auth_algs_supported ->
                              token_endpoint_auth_signing_alg_values_supported
               require_signed_request_object ->
                              request_object_signing_alg
Parameters deleted:
               userinfo_encrypted_response_int
               id_token_encrypted_response_int

People should update their Connect code accordingly, as well as their JWE code.

There were changes to all the Connect specifications.  There are links to the new versions at http://openid.bitbucket.org/.  Direct links are:

*        http://openid.bitbucket.org/openid-connect-basic-1_0.html

*        http://openid.bitbucket.org/openid-connect-implicit-1_0.html

*        http://openid.bitbucket.org/openid-connect-messages-1_0.html

*        http://openid.bitbucket.org/openid-connect-standard-1_0.html

*        http://openid.bitbucket.org/openid-connect-discovery-1_0.html

*        http://openid.bitbucket.org/openid-connect-registration-1_0.html

*        http://openid.bitbucket.org/openid-connect-session-1_0.html

Hopefully this will be the last major set of breaking changes.  Please write if you have any questions.

                                                            -- Mike

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20121121/8b3ea1cd/attachment.html>