[jose] JWS Unencoded Payload Option -02

Mike Jones <Michael.Jones@microsoft.com> Mon, 14 September 2015 06:28 UTC

Draft -02 of the JWS Unencoded Payload Option specification makes these updates:

* Required that "b64" be integrity protected.

* Stated that if the JWS has multiple signatures and/or MACs, the "b64" Header Parameter value MUST be the same for all of them.

* Stated that if applications use content encoding, they MUST specify whether the encoded or unencoded payload is used as the JWS Payload value.

* Reorganized the Unencoded Payload Content Restrictions section.

* Added an "updates" clause for RFC 7519 because this specification prohibits JWTs from using "b64":false.

Thanks for the working group feedback that resulted in these improvements.

The specification is available at:

* https://tools.ietf.org/html/draft-ietf-jose-jws-signing-input-options-02

An HTML formatted version is also available at:

* http://self-issued.info/docs/draft-ietf-jose-jws-signing-input-options-02.html

                                                            -- Mike

P.S.  This note is also posted at http://self-issued.info/?p=1456 and as @selfissued <https://twitter.com/selfissued>.
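
The "b64" header rules listed in this announcement, written as a pre-verification check over a JWS in JSON serialization. This is an added example, not part of the original message or the draft; the function name, the `is_jwt` flag and the sample objects are assumptions made for illustration, and no signature is verified.

```python
import base64
import json

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def check_b64_rules(jws: dict, is_jwt: bool = False) -> bool:
    """Return the effective "b64" value; raise ValueError if a rule is broken.

    is_jwt is a hypothetical flag the caller sets when the object is a JWT.
    """
    # General serialization carries a "signatures" array; flattened does not.
    entries = jws.get("signatures") or [jws]
    seen = set()
    for i, entry in enumerate(entries):
        # Rule 1: "b64" must be integrity protected, so never unprotected.
        if "b64" in entry.get("header", {}):
            raise ValueError(f"signature {i}: b64 in unprotected header")
        protected = json.loads(b64url_decode(entry.get("protected", "")) or b"{}")
        value = protected.get("b64", True)  # absent means true (payload encoded)
        if not isinstance(value, bool):
            raise ValueError(f"signature {i}: b64 must be a JSON boolean")
        seen.add(value)
    # Rule 2: every signature/MAC must use the same "b64" value.
    if len(seen) > 1:
        raise ValueError("b64 differs between signatures")
    effective = seen.pop()
    # Rule 3: JWTs are prohibited from using "b64":false.
    if is_jwt and not effective:
        raise ValueError("JWT must not use b64:false")
    return effective

def prot(header: dict) -> str:
    return b64url_encode(json.dumps(header).encode("utf-8"))

# Constructed samples; signature values are placeholders, never verified here.
GOOD = {"payload": "$.02", "signatures": [
    {"protected": prot({"alg": "HS256", "b64": False}), "signature": "placeholder"},
    {"protected": prot({"alg": "ES256", "b64": False}), "signature": "placeholder"}]}
MIXED = {"payload": "$.02", "signatures": [
    {"protected": prot({"alg": "HS256", "b64": False}), "signature": "placeholder"},
    {"protected": prot({"alg": "ES256"}), "signature": "placeholder"}]}
UNPROTECTED = {"payload": "$.02", "protected": prot({"alg": "HS256"}),
               "header": {"b64": False}, "signature": "placeholder"}
```

Running the check before signature verification means a verifier never has to guess which payload encoding the signing input used.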