[OAUTH-WG] JSON Web Token (JWT) Specification Draft -10
Mike Jones <Michael.Jones@microsoft.com> Sun, 13 May 2012 00:18 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3B52921F86CA for <oauth@ietfa.amsl.com>; Sat, 12 May 2012 17:18:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.907
X-Spam-Level:
X-Spam-Status: No, score=-3.907 tagged_above=-999 required=5 tests=[AWL=-0.309, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Jj1Fqaw12EoH for <oauth@ietfa.amsl.com>; Sat, 12 May 2012 17:18:36 -0700 (PDT)
Received: from va3outboundpool.messaging.microsoft.com (va3ehsobe005.messaging.microsoft.com [216.32.180.31]) by ietfa.amsl.com (Postfix) with ESMTP id 448C921F86C8 for <oauth@ietf.org>; Sat, 12 May 2012 17:18:36 -0700 (PDT)
Received: from mail124-va3-R.bigfish.com (10.7.14.247) by VA3EHSOBE007.bigfish.com (10.7.40.11) with Microsoft SMTP Server id 14.1.225.23; Sun, 13 May 2012 00:18:33 +0000
Received: from mail124-va3 (localhost [127.0.0.1]) by mail124-va3-R.bigfish.com (Postfix) with ESMTP id EEBBD120323 for <oauth@ietf.org>; Sun, 13 May 2012 00:18:32 +0000 (UTC)
X-Forefront-Antispam-Report: CIP:131.107.125.8; KIP:(null); UIP:(null); IPV:NLI; H:TK5EX14HUBC106.redmond.corp.microsoft.com; RD:none; EFVD:NLI
X-SpamScore: -12
X-BigFish: VS-12(zzc85fhzz1202hzz1033IL8275eh8275bh8275dh3284oa1495iz2fh2a8h668h839hd25h)
Received-SPF: pass (mail124-va3: domain of microsoft.com designates 131.107.125.8 as permitted sender) client-ip=131.107.125.8; envelope-from=Michael.Jones@microsoft.com; helo=TK5EX14HUBC106.redmond.corp.microsoft.com ; icrosoft.com ;
Received: from mail124-va3 (localhost.localdomain [127.0.0.1]) by mail124-va3 (MessageSwitch) id 1336868311580583_20222; Sun, 13 May 2012 00:18:31 +0000 (UTC)
Received: from VA3EHSMHS025.bigfish.com (unknown [10.7.14.248]) by mail124-va3.bigfish.com (Postfix) with ESMTP id 8143D220042 for <oauth@ietf.org>; Sun, 13 May 2012 00:18:31 +0000 (UTC)
Received: from TK5EX14HUBC106.redmond.corp.microsoft.com (131.107.125.8) by VA3EHSMHS025.bigfish.com (10.7.99.35) with Microsoft SMTP Server (TLS) id 14.1.225.23; Sun, 13 May 2012 00:18:31 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([169.254.1.189]) by TK5EX14HUBC106.redmond.corp.microsoft.com ([157.54.80.61]) with mapi id 14.02.0298.005; Sun, 13 May 2012 00:18:32 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: JSON Web Token (JWT) Specification Draft -10
Thread-Index: Ac0wney5E9KEETp7T86BmhWRCpKKug==
Date: Sun, 13 May 2012 00:18:31 +0000
Message-ID: <4E1F6AAD24975D4BA5B1680429673943664F190F@TK5EX14MBXC284.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.35]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B1680429673943664F190FTK5EX14MBXC284r_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
Subject: [OAUTH-WG] JSON Web Token (JWT) Specification Draft -10
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 13 May 2012 00:18:37 -0000
Draft -10<http://self-issued.info/docs/draft-jones-json-web-token-10.html> of the JSON Web Token (JWT)<http://self-issued.info/docs/draft-jones-json-web-token.html> specification has been published. It uses the -02 versions of the JOSE specifications and contains parallel editorial changes to those applied to the JOSE specs. Changes were: * Clarified the relationship between typ header parameter values, typ claim values, and MIME types. * Clarified that JWTs with duplicate Header Parameter Names or Duplicate Claim names MUST be rejected. * Required implementation of AES-128-KW and AES-256-KW when the implementation provides encryption capabilities. * Registered "JWT" typ header parameter value. * Generalized language to refer to Message Authentication Codes (MACs) rather than Hash-based Message Authentication Codes (HMACs) unless in a context specific to HMAC algorithms. * Reformatted to give each claim definition and header parameter its own section heading. The specification is available at: * http://tools.ietf.org/html/draft-jones-json-web-token-10 An HTML formatted version is available at: * http://self-issued.info/docs/draft-jones-json-web-token-10.html -- Mike
- Re: [OAUTH-WG] JSON Web Token (JWT) Specification… Lewis Adam-CAL022
- [OAUTH-WG] JSON Web Token (JWT) Specification Dra… Mike Jones
- Re: [OAUTH-WG] JSON Web Token (JWT) Specification… John Bradley
- Re: [OAUTH-WG] JSON Web Token (JWT) Specification… Mike Jones