[Openid-specs-ab] FW: JOSE and JWT specs incorporating decisions from IETF 86

Mike Jones Michael.Jones at microsoft.com
Wed Apr 24 02:08:38 UTC 2013


I'll now update the OpenID Connect specs to use these updated JOSE specs.

                                                            -- Mike

From: Mike Jones
Sent: Tuesday, April 23, 2013 7:07 PM
To: jose at ietf.org; oauth at ietf.org
Subject: JOSE and JWT specs incorporating decisions from IETF 86

New versions of the JSON Object Signing and Encryption (JOSE) specifications JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), and JSON Web Algorithms (JWA) and the JSON Web Token (JWT) specification have been released that incorporate the working group decisions made during and since IETF 86<http://www.ietf.org/meeting/86/>.

The primary new features in these working group drafts are:

*        adding support for private and symmetric keys to JWK and JWA,

*        adding support for JSON Serializations to JWS and JWE,

*        replacing the custom JOSE CBC+HMAC algorithms with ones compatible with those proposed in draft-mcgrew-aead-aes-cbc-hmac-sha2<http://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2-01>,

*        defining that the default action for header parameters and claims that are not understood is to ignore them, while providing a way to designate that some extension header parameters must be understood.

More details on the changes made can be found in the Document History entries.

The specifications are available at:

*        http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-09

*        http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-09

*        http://tools.ietf.org/html/draft-ietf-jose-json-web-key-09

*        http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-09

*        http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-07

HTML formatted versions are also available at:

*        http://self-issued.info/docs/draft-ietf-jose-json-web-signature-09.html

*        http://self-issued.info/docs/draft-ietf-jose-json-web-encryption-09.html

*        http://self-issued.info/docs/draft-ietf-jose-json-web-key-09.html

*        http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-09.html

*        http://self-issued.info/docs/draft-ietf-oauth-json-web-token-07.html

                                                            -- Mike

P.S.  This notice has also been posted at http://self-issued.info/?p=1008.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20130424/32d06be9/attachment.html>


More information about the Openid-specs-ab mailing list