Re: [OAUTH-WG] Pre-IETF 84 versions of JOSE and JWT specifications

Anil Saldhana <Anil.Saldhana@redhat.com> Fri, 27 July 2012 15:34 UTC

Mike,
   I am wondering if it is possible to change Integrity Check from "int" 
to something else in JWE?  int is a keyword in many programming 
languages and would not translate directly to classes in Java etc.

intc,intk?

Regards,
Anil

On 07/16/2012 08:48 PM, Mike Jones wrote:
>
> I've made a minor release of the JSON WEB 
> {Signature,Encryption,Key,Algorithms,Token} (JWS, JWE, JWK, JWA, JWT) 
> working group specifications and the JWS and JWE JSON Serialization 
> (JWS-JS, JWE-JS) individual submission specifications in preparation 
> for IETF 84 in Vancouver, BC 
> <http://www.ietf.org/meeting/84/index.html>.  These versions 
> incorporate feedback from working group members since the major 
> release on July 6th <http://self-issued.info/?p=759>, and update the 
> lists of open issues in preparation for discussions in Vancouver (and 
> on the working group mailing lists).
>
> One significant addition is that the JWT and JWE-JS specs both now 
> contain complete, testable examples with encrypted results.  No 
> normative changes were made.
>
> The working group specifications are available at:
>
>   * http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-04
>   * http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-04
>   * http://tools.ietf.org/html/draft-ietf-jose-json-web-key-04
>   * http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-04
>   * http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-02
>
> The individual submission specifications are available at:
>
>   * http://tools.ietf.org/html/draft-jones-jose-jws-json-serialization-01
>   * http://tools.ietf.org/html/draft-jones-jose-jwe-json-serialization-01
>
> The document history entries (also in the specifications) are as follows:
>
> http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-04
>
>   * Completed JSON Security Considerations section, including
>     considerations about rejecting input with duplicate member names.
>   * Completed security considerations on the use of a SHA-1 hash when
>     computing x5t (x.509 certificate thumbprint) values.
>   * Refer to the registries as the primary sources of defined values
>     and then secondarily reference the sections defining the initial
>     contents of the registries.
>   * Normatively reference XML DSIG 2.0 [W3C.CR-xmldsig-core2-20120124]
>     for its security considerations.
>   * Added this language to Registration Templates: "This name is case
>     sensitive. Names that match other registered names in a case
>     insensitive manner SHOULD NOT be accepted."
>   * Reference draft-jones-jose-jws-json-serialization instead of
>     draft-jones-json-web-signature-json-serialization.
>   * Described additional open issues.
>   * Applied editorial suggestions.
>
> http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-04
>
>   * Refer to the registries as the primary sources of defined values
>     and then secondarily reference the sections defining the initial
>     contents of the registries.
>   * Normatively reference XML Encryption 1.1
>     [W3C.CR-xmlenc-core1-20120313] for its security considerations.
>   * Reference draft-jones-jose-jwe-json-serialization instead of
>     draft-jones-json-web-encryption-json-serialization.
>   * Described additional open issues.
>   * Applied editorial suggestions.
>
> http://tools.ietf.org/html/draft-ietf-jose-json-web-key-04
>
>   * Refer to the registries as the primary sources of defined values
>     and then secondarily reference the sections defining the initial
>     contents of the registries.
>   * Normatively reference XML DSIG 2.0 [W3C.CR-xmldsig-core2-20120124]
>     for its security considerations.
>   * Added this language to Registration Templates: "This name is case
>     sensitive. Names that match other registered names in a case
>     insensitive manner SHOULD NOT be accepted."
>   * Described additional open issues.
>   * Applied editorial suggestions.
>
> http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-04
>
>   * Added text requiring that any leading zero bytes be retained in
>     base64url encoded key value representations for fixed-length values.
>   * Added this language to Registration Templates: "This name is case
>     sensitive. Names that match other registered names in a case
>     insensitive manner SHOULD NOT be accepted."
>   * Described additional open issues.
>   * Applied editorial suggestions.
>
> http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-02
>
>   * Added an example of an encrypted JWT.
>   * Added this language to Registration Templates: "This name is case
>     sensitive. Names that match other registered names in a case
>     insensitive manner SHOULD NOT be accepted."
>   * Applied editorial suggestions.
>
> http://tools.ietf.org/html/draft-jones-jose-jws-json-serialization-01
>
>   * Generalized language to refer to Message Authentication Codes
>     (MACs) rather than Hash-based Message Authentication Codes (HMACs).
>
> http://tools.ietf.org/html/draft-jones-jose-jwe-json-serialization-01
>
>   * Added a complete JWE-JS example.
>   * Generalized language to refer to Message Authentication Codes
>     (MACs) rather than Hash-based Message Authentication Codes (HMACs).
>
> -- Mike