Re: [OAUTH-WG] JOSE and JWT specs incorporating decisions from IETF 86

Nichole Richardson <nichole.richardson.27@facebook.com> Wed, 24 April 2013 20:10 UTC

Return-Path: <nichole.richardson.27@facebook.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3C5E21F914C for <oauth@ietfa.amsl.com>; Wed, 24 Apr 2013 13:10:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.664
X-Spam-Level:
X-Spam-Status: No, score=-101.664 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, IP_NOT_FRIENDLY=0.334, J_CHICKENPOX_34=0.6, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2SVEwx-iXqxR for <oauth@ietfa.amsl.com>; Wed, 24 Apr 2013 13:10:48 -0700 (PDT)
Received: from smtpout.mx.facebook.com (smtpout001.ash3.facebook.com [69.171.244.64]) by ietfa.amsl.com (Postfix) with ESMTP id F094421F910E for <oauth@ietf.org>; Wed, 24 Apr 2013 13:10:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; d=facebook.com; s=s1024-2010-q3; c=relaxed/simple; q=dns/txt; i=@facebook.com; t=1366834235; h=From:Subject:X-:Date:To:MIME-Version:Content-Type; bh=J0OjXeCuM4N5uzx09l2E0YwE7/3gnaSz5UE9hh25U0w=; b=CnT8e0xFzkKIwvRmRtGSk4XhQZp8SLvaKlLVnRYZ/xExnALoUqr/HHXyDl9qGsHN rsA7siOk+TYz/n4cPUxJUVrl0eQfsqxnLy8AJNo/APce+lSTR6OfEG4LkTPXys5F /GBaDbrhnJQysISL+u67fLNOjdFrJbePLAB9BW0SHPI=;
Received: from [10.148.86.69] ([10.148.86.69:46605] helo=www.facebook.com) by 10.148.128.29 (envelope-from <nichole.richardson.27@facebook.com>) (ecelerity 2.2.2.45 r(34222M)) with ESMTP id EC/32-03944-B3C38715; Wed, 24 Apr 2013 13:10:35 -0700
Date: Wed, 24 Apr 2013 13:10:35 -0700
From: Nichole Richardson <nichole.richardson.27@facebook.com>
To: Mike Jones <Michael.Jones@microsoft.com>, "oauth@ietf.org" <oauth@ietf.org>, "jose@ietf.org" <jose@ietf.org>
Message-ID: <6ba33a1284334c0497f0d4e3cb2cf2ad-0@mail.projektitan.com>
In-Reply-To: <4E1F6AAD24975D4BA5B1680429673943676AA515@TK5EX14MBXC284.redmond.corp.microsoft.com>
References: , <4E1F6AAD24975D4BA5B1680429673943676AA515@TK5EX14MBXC284.redmond.corp.microsoft.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_Part_13410_1224209555.1366834235476"
Subject: Re: [OAUTH-WG] JOSE and JWT specs incorporating decisions from IETF 86
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Apr 2013 20:10:49 -0000

Auto-generated message: Nichole Richardson has left this conversation and will
no longer see your messages

On April 23, 2013 7:06:47 PM PDT, Mike Jones wrote:
> New versions of the JSON Object Signing and Encryption (JOSE) specifications JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), and JSON Web Algorithms (JWA) and the JSON Web Token (JWT) specification have been released that incorporate the working group decisions made during and since IETF 86<http://www.ietf.org/meeting/86/>.
> 
> The primary new features in these working group drafts are:
> 
> *        adding support for private and symmetric keys to JWK and JWA,
> 
> *        adding support for JSON Serializations to JWS and JWE,
> 
> *        replacing the custom JOSE CBC+HMAC algorithms with ones compatible with those proposed in draft-mcgrew-aead-aes-cbc-hmac-sha2<http://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2-01>,
> 
> *        defining that the default action for header parameters and claims that are not understood is to ignore them, while providing a way to designate that some extension header parameters must be understood.
> 
> More details on the changes made can be found in the Document History entries.
> 
> The specifications are available at:
> 
> *        http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-09
> 
> *        http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-09
> 
> *        http://tools.ietf.org/html/draft-ietf-jose-json-web-key-09
> 
> *        http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-09
> 
> *        http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-07
> 
> HTML formatted versions are also available at:
> 
> *        http://self-issued.info/docs/draft-ietf-jose-json-web-signature-09..html
> 
> *        http://self-issued.info/docs/draft-ietf-jose-json-web-encryption-09.html
> 
> *        http://self-issued.info/docs/draft-ietf-jose-json-web-key-09.html
> 
> *        http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-09.html
> 
> *        http://self-issued.info/docs/draft-ietf-oauth-json-web-token-07.html
> 
>                                                             -- Mike
> 
> P.S.  This notice has also been posted at http://self-issued.info/?p=1008..
> 
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth