[jose] JOSE -37 and JWT -31 drafts addressing remaining IESG review comments
Mike Jones <Michael.Jones@microsoft.com> Thu, 20 November 2014 01:22 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: jose@ietfa.amsl.com
Delivered-To: jose@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3D26D1A6F13 for <jose@ietfa.amsl.com>; Wed, 19 Nov 2014 17:22:23 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KSedXnZO-LzN for <jose@ietfa.amsl.com>; Wed, 19 Nov 2014 17:22:20 -0800 (PST)
Received: from na01-by2-obe.outbound.protection.outlook.com (mail-by2on0132.outbound.protection.outlook.com [207.46.100.132]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6C18D1A03A6 for <jose@ietf.org>; Wed, 19 Nov 2014 17:22:20 -0800 (PST)
Received: from BY2PR03CA054.namprd03.prod.outlook.com (10.141.249.27) by BY1PR0301MB1206.namprd03.prod.outlook.com (25.161.203.155) with Microsoft SMTP Server (TLS) id 15.1.26.15; Thu, 20 Nov 2014 01:22:18 +0000
Received: from BN1BFFO11FD041.protection.gbl (2a01:111:f400:7c10::1:153) by BY2PR03CA054.outlook.office365.com (2a01:111:e400:2c5d::27) with Microsoft SMTP Server (TLS) id 15.1.26.15 via Frontend Transport; Thu, 20 Nov 2014 01:22:18 +0000
Received: from mail.microsoft.com (131.107.125.37) by BN1BFFO11FD041.mail.protection.outlook.com (10.58.144.104) with Microsoft SMTP Server (TLS) id 15.1.6.13 via Frontend Transport; Thu, 20 Nov 2014 01:22:17 +0000
Received: from TK5EX14MBXC286.redmond.corp.microsoft.com ([169.254.1.229]) by TK5EX14MLTC104.redmond.corp.microsoft.com ([157.54.79.159]) with mapi id 14.03.0210.003; Thu, 20 Nov 2014 01:21:38 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "jose@ietf.org" <jose@ietf.org>
Thread-Topic: JOSE -37 and JWT -31 drafts addressing remaining IESG review comments
Thread-Index: AdAEYE/mZ7+JGScpTO2tFTNz3XO8hQ==
Date: Thu, 20 Nov 2014 01:21:37 +0000
Message-ID: <4E1F6AAD24975D4BA5B16804296739439BB8DC36@TK5EX14MBXC286.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.76]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B16804296739439BB8DC36TK5EX14MBXC286r_"
MIME-Version: 1.0
X-EOPAttributedMessage: 0
Received-SPF: Pass (protection.outlook.com: domain of microsoft.com designates 131.107.125.37 as permitted sender) receiver=protection.outlook.com; client-ip=131.107.125.37; helo=mail.microsoft.com;
Authentication-Results: spf=pass (sender IP is 131.107.125.37) smtp.mailfrom=Michael.Jones@microsoft.com;
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(10019020)(438002)(189002)(199003)(86612001)(16236675004)(92566001)(92726001)(50986999)(86362001)(15975445006)(85806002)(44976005)(19580395003)(6806004)(69596002)(68736004)(46102003)(54356999)(512954002)(55846006)(4396001)(66066001)(84676001)(84326002)(71186001)(20776003)(64706001)(120916001)(99396003)(2501002)(97736003)(31966008)(15202345003)(16297215004)(19300405004)(106466001)(81156004)(107046002)(229853001)(2351001)(77096003)(62966003)(19617315012)(77156002)(104016003)(110136001)(19625215002)(33656002)(2656002)(87936001)(95666004)(21056001)(26826002)(6606295002); DIR:OUT; SFP:1102; SCL:1; SRVR:BY1PR0301MB1206; H:mail.microsoft.com; FPR:; SPF:Pass; MLV:ovrnspm; PTR:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-Microsoft-Antispam: UriScan:;
X-Microsoft-Antispam: BCL:0;PCL:0;RULEID:;SRVR:BY1PR0301MB1206;
X-O365ENT-EOP-Header: Message processed by - O365_ENT: Allow from ranges (Engineering ONLY)
X-Exchange-Antispam-Report-Test: UriScan:;
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:; SRVR:BY1PR0301MB1206;
X-Forefront-PRVS: 0401647B7F
X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:; SRVR:BY1PR0301MB1206;
X-OriginatorOrg: microsoft.onmicrosoft.com
Archived-At: http://mailarchive.ietf.org/arch/msg/jose/XyR7ofcKSCgE0zZXk1AfUbw2A2U
Cc: Richard Barnes <rlb@ipv.sx>, Pete Resnick <presnick@qti.qualcomm.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Subject: [jose] JOSE -37 and JWT -31 drafts addressing remaining IESG review comments
X-BeenThere: jose@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Javascript Object Signing and Encryption <jose.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/jose>, <mailto:jose-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/jose/>
List-Post: <mailto:jose@ietf.org>
List-Help: <mailto:jose-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/jose>, <mailto:jose-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 20 Nov 2014 01:22:23 -0000
These JOSE and JWT drafts contain updates intended to address the remaining outstanding IESG review comments by Pete Resnick, Stephen Farrell, and Richard Barnes, other than one that Pete may still provide text for. Algorithm names are now restricted to using only ASCII characters, the TLS requirements language has been refined, the language about integrity protecting header parameters used in trust decisions has been augmented, we now say what to do when an RSA private key with "oth" is encountered but not supported, and we now talk about JWSs with invalid signatures being considered invalid, rather than them being rejected. Also, added the CRT parameter values to example JWK RSA private key representations. The specifications are available at: * http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-37 * http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-37 * http://tools.ietf.org/html/draft-ietf-jose-json-web-key-37 * http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-37 * http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-31 HTML formatted versions are available at: * http://self-issued.info/docs/draft-ietf-jose-json-web-signature-37.html * http://self-issued.info/docs/draft-ietf-jose-json-web-encryption-37.html * http://self-issued.info/docs/draft-ietf-jose-json-web-key-37.html * http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-37.html * http://self-issued.info/docs/draft-ietf-oauth-json-web-token-31.html -- Mike P.S. This notice was also posted at http://self-issued.info/?p=1303 and as @selfissued.