Re: [OAUTH-WG] Pre-IETF 84 versions of JOSE and JWT specifications
Anil Saldhana <Anil.Saldhana@redhat.com> Fri, 27 July 2012 15:34 UTC
Mike,

I am wondering if it is possible to change Integrity Check from "int" to something else in JWE? int is a keyword in many programming languages and would not translate directly to classes in Java etc.

intc, intk?

Regards,
Anil

On 07/16/2012 08:48 PM, Mike Jones wrote:
>
> I've made a minor release of the JSON WEB
> {Signature,Encryption,Key,Algorithms,Token} (JWS, JWE, JWK, JWA, JWT)
> working group specifications and the JWS and JWE JSON Serialization
> (JWS-JS, JWE-JS) individual submission specifications in preparation
> for IETF 84 in Vancouver, BC
> <http://www.ietf.org/meeting/84/index.html>. These versions
> incorporate feedback from working group members since the major
> release on July 6th <http://self-issued.info/?p=759>, and update the
> lists of open issues in preparation for discussions in Vancouver (and
> on the working group mailing lists).
>
> One significant addition is that the JWT and JWE-JS specs both now
> contain complete, testable examples with encrypted results. No
> normative changes were made.
>
> The working group specifications are available at:
>
> * http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-04
> * http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-04
> * http://tools.ietf.org/html/draft-ietf-jose-json-web-key-04
> * http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-04
> * http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-02
>
> The individual submission specifications are available at:
>
> * http://tools.ietf.org/html/draft-jones-jose-jws-json-serialization-01
> * http://tools.ietf.org/html/draft-jones-jose-jwe-json-serialization-01
>
> The document history entries (also in the specifications) are as follows:
>
> http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-04
>
> * Completed JSON Security Considerations section, including
>   considerations about rejecting input with duplicate member names.
> * Completed security considerations on the use of a SHA-1 hash when
>   computing x5t (x.509 certificate thumbprint) values.
> * Refer to the registries as the primary sources of defined values
>   and then secondarily reference the sections defining the initial
>   contents of the registries.
> * Normatively reference XML DSIG 2.0 [W3C.CR-xmldsig-core2-20120124]
>   for its security considerations.
> * Added this language to Registration Templates: "This name is case
>   sensitive. Names that match other registered names in a case
>   insensitive manner SHOULD NOT be accepted."
> * Reference draft-jones-jose-jws-json-serialization instead of
>   draft-jones-json-web-signature-json-serialization.
> * Described additional open issues.
> * Applied editorial suggestions.
>
> http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-04
>
> * Refer to the registries as the primary sources of defined values
>   and then secondarily reference the sections defining the initial
>   contents of the registries.
> * Normatively reference XML Encryption 1.1
>   [W3C.CR-xmlenc-core1-20120313] for its security considerations.
> * Reference draft-jones-jose-jwe-json-serialization instead of
>   draft-jones-json-web-encryption-json-serialization.
> * Described additional open issues.
> * Applied editorial suggestions.
>
> http://tools.ietf.org/html/draft-ietf-jose-json-web-key-04
>
> * Refer to the registries as the primary sources of defined values
>   and then secondarily reference the sections defining the initial
>   contents of the registries.
> * Normatively reference XML DSIG 2.0 [W3C.CR-xmldsig-core2-20120124]
>   for its security considerations.
> * Added this language to Registration Templates: "This name is case
>   sensitive. Names that match other registered names in a case
>   insensitive manner SHOULD NOT be accepted."
> * Described additional open issues.
> * Applied editorial suggestions.
>
> http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-04
>
> * Added text requiring that any leading zero bytes be retained in
>   base64url encoded key value representations for fixed-length values.
> * Added this language to Registration Templates: "This name is case
>   sensitive. Names that match other registered names in a case
>   insensitive manner SHOULD NOT be accepted."
> * Described additional open issues.
> * Applied editorial suggestions.
>
> http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-02
>
> * Added an example of an encrypted JWT.
> * Added this language to Registration Templates: "This name is case
>   sensitive. Names that match other registered names in a case
>   insensitive manner SHOULD NOT be accepted."
> * Applied editorial suggestions.
>
> http://tools.ietf.org/html/draft-jones-jose-jws-json-serialization-01
>
> * Generalized language to refer to Message Authentication Codes
>   (MACs) rather than Hash-based Message Authentication Codes (HMACs).
>
> http://tools.ietf.org/html/draft-jones-jose-jwe-json-serialization-01
>
> * Added a complete JWE-JS example.
> * Generalized language to refer to Message Authentication Codes
>   (MACs) rather than Hash-based Message Authentication Codes (HMACs).
>
> -- Mike
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
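
Added example, not part of the original message or of the JOSE drafts: one way a parser can keep "int" as the wire member name while exposing it under a non-reserved attribute name, and at the same time reject headers with duplicate member names as the JWS -04 history entry describes. The names `JweHeader`, `integrity_alg`, `parse_header`, the three-member schema and the sample headers are assumptions made up for this example.

```python
import json
from dataclasses import dataclass

# Wire member name -> attribute name. "int" is the JWE member the message
# discusses; "integrity_alg" is a hypothetical attribute name for this example.
WIRE_TO_ATTR = {"alg": "alg", "enc": "enc", "int": "integrity_alg"}


class HeaderError(ValueError):
    """Raised when a header must be rejected."""


@dataclass(frozen=True)
class JweHeader:
    alg: str
    enc: str
    integrity_alg: str


def _reject_duplicates(pairs):
    # json.loads silently keeps the last of two equal member names; two parsers
    # may disagree on which one wins, so refuse the input instead.
    seen = {}
    for name, value in pairs:
        if name in seen:
            raise HeaderError(f"duplicate member name: {name!r}")
        seen[name] = value
    return seen


def parse_header(text: str) -> JweHeader:
    try:
        members = json.loads(text, object_pairs_hook=_reject_duplicates)
    except json.JSONDecodeError as exc:
        raise HeaderError(f"not valid JSON: {exc}") from exc
    if not isinstance(members, dict):
        raise HeaderError("header must be a JSON object")
    # Assumption: this example's schema is exactly the three members above.
    unknown = set(members) - set(WIRE_TO_ATTR)
    missing = set(WIRE_TO_ATTR) - set(members)
    if unknown or missing:
        raise HeaderError(f"unknown={sorted(unknown)} missing={sorted(missing)}")
    if not all(isinstance(v, str) for v in members.values()):
        raise HeaderError("member values must be strings")
    return JweHeader(**{WIRE_TO_ATTR[k]: v for k, v in members.items()})


# Constructed sample headers (not taken from the drafts).
GOOD = '{"alg":"RSA1_5","enc":"A128CBC","int":"HS256"}'
DUPLICATE = '{"alg":"RSA1_5","enc":"A128CBC","int":"HS256","int":"HS512"}'
```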