Protocol Action: 'JSON Web Signature (JWS)' to Proposed Standard (draft-ietf-jose-json-web-signature-41.txt)

The IESG <> Fri, 16 January 2015 20:46 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 5B4791B2BF4; Fri, 16 Jan 2015 12:46:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -101.9
X-Spam-Status: No, score=-101.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, USER_IN_WHITELIST=-100] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id LL-W-Q3OCMJD; Fri, 16 Jan 2015 12:46:20 -0800 (PST)
Received: from (localhost [IPv6:::1]) by (Postfix) with ESMTP id A86661B2C03; Fri, 16 Jan 2015 12:46:12 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <>
To: IETF-Announce <>
Subject: Protocol Action: 'JSON Web Signature (JWS)' to Proposed Standard (draft-ietf-jose-json-web-signature-41.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 5.10.0.p8
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <>
Date: Fri, 16 Jan 2015 12:46:12 -0800
Archived-At: <>
Cc: jose chair <>, jose mailing list <>, RFC Editor <>
X-Mailman-Version: 2.1.15
List-Id: "IETF announcement list. No discussions." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 16 Jan 2015 20:46:22 -0000

The IESG has approved the following document:
- 'JSON Web Signature (JWS)'
  (draft-ietf-jose-json-web-signature-41.txt) as Proposed Standard

This document is the product of the Javascript Object Signing and
Encryption Working Group.

The IESG contact persons are Kathleen Moriarty and Stephen Farrell.

A URL of this Internet Draft is:

Technical Summary

This document, JSON Web Signature (JWS), represents content secured with digital 
signatures or Message Authentication Codes (MACs) using JavaScript Object 
Notation (JSON) based data structures.  Two serializations for JWS objects are 
defined, a compact, URL-safe representation and a JSON serialization.

Working Group Summary

The document has clear working group consensus for publication, and has been 
reviewed by several WG participants since its initial adoption as a working group 

Document Quality

This document has been reviewed and revised many times. There are multiple 
implementations of this document. Some of these are listed at: (see the JWT/JWS/JWE/JWK/JWA 
Implementations section). 

There was much discussion on this draft in last call and while most of the discussions
were resolved, there is a discussion continuing for the duplicate member name text.
The current text aligns with WG consensus prior to IETF last call and was split between 
those commenting (implementation vs. possibly 'doing the right thing').


Karen O'Donoghue is acting as the Document Shepherd.  Kathleen Moriarty is the 
Responsible Area Director. 


  'The registries use the 5226 'Specification Required'
   registration policy.'

RFC Editor Note: 

This draft is part of a set of drafts that cross 2 working groups. I am 
working through the reviews (shepherd just confirmed them for the OAuth 
ones) and would like them processed as a set. The JOSE drafts will 
hopefully be ready shortly as well. The set includes (in order):

1 draft-ietf-jose-json-web-signature
2 draft-ietf-jose-json-web-encryption
3 draft-ietf-jose-json-web-key
4 draft-ietf-jose-json-web-algorithms
5 draft-ietf-oauth-json-web-token
6 draft-ietf-jose-cookbook
7 draft-ietf-oauth-assertions
8 draft-ietf-oauth-saml2-bearer
9 draft-ietf-oauth-jwt-bearer