[OAUTH-WG] JOSE and JWT specs incorporating decisions from IETF 86
Mike Jones <Michael.Jones@microsoft.com> Wed, 24 April 2013 02:12 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 82BCD21F96C8; Tue, 23 Apr 2013 19:12:55 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.034
X-Spam-Level:
X-Spam-Status: No, score=-2.034 tagged_above=-999 required=5 tests=[AWL=-0.036, BAYES_00=-2.599, HTML_MESSAGE=0.001, J_CHICKENPOX_34=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rp5iHiEXuukB; Tue, 23 Apr 2013 19:12:54 -0700 (PDT)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2lp0204.outbound.protection.outlook.com [207.46.163.204]) by ietfa.amsl.com (Postfix) with ESMTP id 2147A21F96C6; Tue, 23 Apr 2013 19:12:54 -0700 (PDT)
Received: from BN1AFFO11FD011.protection.gbl (10.58.52.202) by BN1AFFO11HUB015.protection.gbl (10.58.52.125) with Microsoft SMTP Server (TLS) id 15.0.675.0; Wed, 24 Apr 2013 02:07:38 +0000
Received: from TK5EX14MLTC104.redmond.corp.microsoft.com (131.107.125.37) by BN1AFFO11FD011.mail.protection.outlook.com (10.58.52.71) with Microsoft SMTP Server (TLS) id 15.0.675.0 via Frontend Transport; Wed, 24 Apr 2013 02:07:38 +0000
Received: from TK5EX14MBXC284.redmond.corp.microsoft.com ([169.254.1.245]) by TK5EX14MLTC104.redmond.corp.microsoft.com ([157.54.79.159]) with mapi id 14.02.0318.003; Wed, 24 Apr 2013 02:06:47 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "jose@ietf.org" <jose@ietf.org>, "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: JOSE and JWT specs incorporating decisions from IETF 86
Thread-Index: Ac5AkF8GEZkzSCsYTlWpjIlvBF/zSA==
Date: Wed, 24 Apr 2013 02:06:47 +0000
Message-ID: <4E1F6AAD24975D4BA5B1680429673943676AA515@TK5EX14MBXC284.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.32]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B1680429673943676AA515TK5EX14MBXC284r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(189002)(199002)(512954001)(16406001)(20776003)(4396001)(81542001)(47976001)(54316002)(47736001)(46102001)(66066001)(76482001)(50986001)(53806001)(564824004)(47446002)(74662001)(56816002)(54356001)(15202345002)(31966008)(63696002)(77982001)(59766001)(33656001)(6806003)(69226001)(74502001)(71186001)(79102001)(56776001)(51856001)(49866001)(80022001)(81342001)(16236675002)(65816001)(55846006)(6606295001); DIR:OUT; SFP:; SCL:1; SRVR:BN1AFFO11HUB015; H:TK5EX14MLTC104.redmond.corp.microsoft.com; RD:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0826B2F01B
Subject: [OAUTH-WG] JOSE and JWT specs incorporating decisions from IETF 86
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Apr 2013 02:12:55 -0000
New versions of the JSON Object Signing and Encryption (JOSE) specifications JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), and JSON Web Algorithms (JWA) and the JSON Web Token (JWT) specification have been released that incorporate the working group decisions made during and since IETF 86<http://www.ietf.org/meeting/86/>. The primary new features in these working group drafts are: * adding support for private and symmetric keys to JWK and JWA, * adding support for JSON Serializations to JWS and JWE, * replacing the custom JOSE CBC+HMAC algorithms with ones compatible with those proposed in draft-mcgrew-aead-aes-cbc-hmac-sha2<http://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2-01>, * defining that the default action for header parameters and claims that are not understood is to ignore them, while providing a way to designate that some extension header parameters must be understood. More details on the changes made can be found in the Document History entries. The specifications are available at: * http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-09 * http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-09 * http://tools.ietf.org/html/draft-ietf-jose-json-web-key-09 * http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-09 * http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-07 HTML formatted versions are also available at: * http://self-issued.info/docs/draft-ietf-jose-json-web-signature-09.html * http://self-issued.info/docs/draft-ietf-jose-json-web-encryption-09.html * http://self-issued.info/docs/draft-ietf-jose-json-web-key-09.html * http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-09.html * http://self-issued.info/docs/draft-ietf-oauth-json-web-token-07.html -- Mike P.S. This notice has also been posted at http://self-issued.info/?p=1008.
- Re: [OAUTH-WG] JOSE and JWT specs incorporating d… Nichole Richardson
- [OAUTH-WG] JOSE and JWT specs incorporating decis… Mike Jones