[OAUTH-WG] FW: JOSE -11 drafts and JWT -08 released
Mike Jones <Michael.Jones@microsoft.com> Tue, 28 May 2013 15:12 UTC
Return-Path: <Michael.Jones@microsoft.com>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1E23D21F977A for <oauth@ietfa.amsl.com>; Tue, 28 May 2013 08:12:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.949
X-Spam-Level:
X-Spam-Status: No, score=-1.949 tagged_above=-999 required=5 tests=[AWL=0.649, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id peHsKPnqaGc8 for <oauth@ietfa.amsl.com>; Tue, 28 May 2013 08:12:12 -0700 (PDT)
Received: from na01-bl2-obe.outbound.protection.outlook.com (mail-bl2lp0212.outbound.protection.outlook.com [207.46.163.212]) by ietfa.amsl.com (Postfix) with ESMTP id 3B7ED21F9433 for <oauth@ietf.org>; Tue, 28 May 2013 08:12:11 -0700 (PDT)
Received: from BY2FFO11FD020.protection.gbl (10.1.15.202) by BY2FFO11HUB006.protection.gbl (10.1.14.164) with Microsoft SMTP Server (TLS) id 15.0.698.0; Tue, 28 May 2013 15:12:09 +0000
Received: from TK5EX14HUBC105.redmond.corp.microsoft.com (131.107.125.37) by BY2FFO11FD020.mail.protection.outlook.com (10.1.14.137) with Microsoft SMTP Server (TLS) id 15.0.698.0 via Frontend Transport; Tue, 28 May 2013 15:12:08 +0000
Received: from TK5EX14MBXC285.redmond.corp.microsoft.com ([169.254.3.134]) by TK5EX14HUBC105.redmond.corp.microsoft.com ([157.54.80.48]) with mapi id 14.03.0136.001; Tue, 28 May 2013 15:12:07 +0000
From: Mike Jones <Michael.Jones@microsoft.com>
To: "oauth@ietf.org" <oauth@ietf.org>
Thread-Topic: JOSE -11 drafts and JWT -08 released
Thread-Index: Ac5btZuYMcqTY79JTVWqRkdQbRaJ/wAAAq7A
Date: Tue, 28 May 2013 15:12:07 +0000
Message-ID: <4E1F6AAD24975D4BA5B1680429673943677B7D07@TK5EX14MBXC285.redmond.corp.microsoft.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [157.54.51.33]
Content-Type: multipart/alternative; boundary="_000_4E1F6AAD24975D4BA5B1680429673943677B7D07TK5EX14MBXC285r_"
MIME-Version: 1.0
X-Forefront-Antispam-Report: CIP:131.107.125.37; CTRY:US; IPV:CAL; IPV:NLI; EFV:NLI; SFV:NSPM; SFS:(377454002)(189002)(199002)(47736001)(31966008)(74502001)(50986001)(51856001)(76176001)(16406001)(59766001)(74366001)(69226001)(74876001)(16297215003)(65816001)(79102001)(53806001)(54316002)(47976001)(56776001)(80022001)(4396001)(47446002)(55846006)(20776003)(6806003)(44976003)(33656001)(54356001)(63696002)(74662001)(77982001)(81342001)(49866001)(15202345002)(16236675002)(512954002)(81542001)(71186001)(74706001)(56816002)(66066001)(76482001)(46102001)(6606295001); DIR:OUT; SFP:; SCL:1; SRVR:BY2FFO11HUB006; H:TK5EX14HUBC105.redmond.corp.microsoft.com; RD:InfoDomainNonexistent; MX:1; A:1; LANG:en;
X-OriginatorOrg: microsoft.onmicrosoft.com
X-Forefront-PRVS: 0860FE717F
Subject: [OAUTH-WG] FW: JOSE -11 drafts and JWT -08 released
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/oauth>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 May 2013 15:12:17 -0000
From: Mike Jones Sent: Tuesday, May 28, 2013 8:11 AM To: jose@ietf.org Subject: JOSE -11 drafts and JWT -08 released The -11 drafts of the JSON Object Signing and Encryption (JOSE)<http://datatracker.ietf.org/wg/jose/> specifications have been released that incorporate the changes agreed to at the interim working group meeting last month. Most of the changes were to the JWS and JWE JSON Serialization representations, enabling more flexible treatment of header parameter values. Other changes included removing the Encrypted Key value from the JWE integrity calculation, saying more about key identification, adding key identification parameters to some of the examples, clarifying the use of "kid" values in JWK Sets, enabling X.509 key representations in JWKs, recommending protecting JWKs containing non-public information by encrypting them with JWE, adding "alg" values for RSASSA-PSS, registering additional MIME types, and a number of clarifications. A corresponding -08 JSON Web Token (JWT) spec was also released that updated the encrypted JWT example value to track the JWE change. Hopefully this will be the last breaking change to the encryption calculations. The specifications are available at: * http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-11 * http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-11 * http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11 * http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-11 * http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-08 HTML formatted versions are available at: * http://self-issued.info/docs/draft-ietf-jose-json-web-signature-11.html * http://self-issued.info/docs/draft-ietf-jose-json-web-encryption-11.html * http://self-issued.info/docs/draft-ietf-jose-json-web-key-11.html * http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-11.html * http://self-issued.info/docs/draft-ietf-oauth-json-web-token-08.html -- Mike P.S. This announcement was also posted at http://self-issued.info/?p=1031.