[jose] Tightened Key Managed JWS Spec

Mike Jones <Michael.Jones@microsoft.com> Wed, 27 May 2015 23:57 UTC

Archived-At: <http://mailarchive.ietf.org/arch/msg/jose/2jjOOCBwF8nm_HnpA5jLlfEBdNc>
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>

The -01 version of draft-jones-jose-key-managed-json-web-signature tightened the semantics by prohibiting use of "dir" as the "alg" header parameter value so a second equivalent representation for content integrity-protected with a MAC with no key management isn't introduced.  (A normal JWS will do just fine in this case.)  Thanks to Jim Schaad for pointing this out.  This version also adds acknowledgements and references the now-final JOSE RFCs <http://self-issued.info/?p=1387>.

This specification is available at:

* https://tools.ietf.org/html/draft-jones-jose-key-managed-json-web-signature-01

An HTML formatted version is also available at:

* http://self-issued.info/docs/draft-jones-jose-key-managed-json-web-signature-01.html

                                                                -- Mike

P.S.  This note was also posted at http://self-issued.info/?p=1396 and as @selfissued.