draft-ietf-jose-json-web-key-34.txt   draft-ietf-jose-json-web-key-35.txt 
JOSE Working Group M. Jones JOSE Working Group M. Jones
Internet-Draft Microsoft Internet-Draft Microsoft
Intended status: Standards Track October 14, 2014 Intended status: Standards Track October 17, 2014
Expires: April 17, 2015 Expires: April 20, 2015
JSON Web Key (JWK) JSON Web Key (JWK)
draft-ietf-jose-json-web-key-34 draft-ietf-jose-json-web-key-35
Abstract Abstract
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data
structure that represents a cryptographic key. This specification structure that represents a cryptographic key. This specification
also defines a JSON Web Key Set (JWK Set) JSON data structure that also defines a JSON Web Key Set (JWK Set) JSON data structure that
represents a set of JWKs. Cryptographic algorithms and identifiers represents a set of JWKs. Cryptographic algorithms and identifiers
for use with this specification are described in the separate JSON for use with this specification are described in the separate JSON
Web Algorithms (JWA) specification and IANA registries defined by Web Algorithms (JWA) specification and IANA registries defined by
that specification. that specification.
skipping to change at page 1, line 36 skipping to change at page 1, line 36
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on April 17, 2015. This Internet-Draft will expire on April 20, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 23 skipping to change at page 2, line 23
4. JSON Web Key (JWK) Format . . . . . . . . . . . . . . . . . . 5 4. JSON Web Key (JWK) Format . . . . . . . . . . . . . . . . . . 5
4.1. "kty" (Key Type) Parameter . . . . . . . . . . . . . . . . 6 4.1. "kty" (Key Type) Parameter . . . . . . . . . . . . . . . . 6
4.2. "use" (Public Key Use) Parameter . . . . . . . . . . . . . 6 4.2. "use" (Public Key Use) Parameter . . . . . . . . . . . . . 6
4.3. "key_ops" (Key Operations) Parameter . . . . . . . . . . . 7 4.3. "key_ops" (Key Operations) Parameter . . . . . . . . . . . 7
4.4. "alg" (Algorithm) Parameter . . . . . . . . . . . . . . . 8 4.4. "alg" (Algorithm) Parameter . . . . . . . . . . . . . . . 8
4.5. "kid" (Key ID) Parameter . . . . . . . . . . . . . . . . . 8 4.5. "kid" (Key ID) Parameter . . . . . . . . . . . . . . . . . 8
4.6. "x5u" (X.509 URL) Parameter . . . . . . . . . . . . . . . 8 4.6. "x5u" (X.509 URL) Parameter . . . . . . . . . . . . . . . 8
4.7. "x5c" (X.509 Certificate Chain) Parameter . . . . . . . . 9 4.7. "x5c" (X.509 Certificate Chain) Parameter . . . . . . . . 9
4.8. "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter . . . 9 4.8. "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter . . . 9
4.9. "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) 4.9. "x5t#S256" (X.509 Certificate SHA-256 Thumbprint)
Parameter . . . . . . . . . . . . . . . . . . . . . . . . 9 Parameter . . . . . . . . . . . . . . . . . . . . . . . . 10
5. JSON Web Key Set (JWK Set) Format . . . . . . . . . . . . . . 10 5. JSON Web Key Set (JWK Set) Format . . . . . . . . . . . . . . 10
5.1. "keys" Parameter . . . . . . . . . . . . . . . . . . . . . 10 5.1. "keys" Parameter . . . . . . . . . . . . . . . . . . . . . 10
6. String Comparison Rules . . . . . . . . . . . . . . . . . . . 10 6. String Comparison Rules . . . . . . . . . . . . . . . . . . . 11
7. Encrypted JWK and Encrypted JWK Set Formats . . . . . . . . . 11 7. Encrypted JWK and Encrypted JWK Set Formats . . . . . . . . . 11
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11
8.1. JSON Web Key Parameters Registry . . . . . . . . . . . . . 12 8.1. JSON Web Key Parameters Registry . . . . . . . . . . . . . 13
8.1.1. Registration Template . . . . . . . . . . . . . . . . 13 8.1.1. Registration Template . . . . . . . . . . . . . . . . 13
8.1.2. Initial Registry Contents . . . . . . . . . . . . . . 14 8.1.2. Initial Registry Contents . . . . . . . . . . . . . . 14
8.2. JSON Web Key Use Registry . . . . . . . . . . . . . . . . 15 8.2. JSON Web Key Use Registry . . . . . . . . . . . . . . . . 15
8.2.1. Registration Template . . . . . . . . . . . . . . . . 15 8.2.1. Registration Template . . . . . . . . . . . . . . . . 15
8.2.2. Initial Registry Contents . . . . . . . . . . . . . . 16 8.2.2. Initial Registry Contents . . . . . . . . . . . . . . 16
8.3. JSON Web Key Operations Registry . . . . . . . . . . . . . 16 8.3. JSON Web Key Operations Registry . . . . . . . . . . . . . 16
8.3.1. Registration Template . . . . . . . . . . . . . . . . 16 8.3.1. Registration Template . . . . . . . . . . . . . . . . 16
8.3.2. Initial Registry Contents . . . . . . . . . . . . . . 17 8.3.2. Initial Registry Contents . . . . . . . . . . . . . . 17
8.4. JSON Web Key Set Parameters Registry . . . . . . . . . . . 18 8.4. JSON Web Key Set Parameters Registry . . . . . . . . . . . 18
8.4.1. Registration Template . . . . . . . . . . . . . . . . 18 8.4.1. Registration Template . . . . . . . . . . . . . . . . 18
skipping to change at page 3, line 23 skipping to change at page 3, line 23
C.2. JOSE Header . . . . . . . . . . . . . . . . . . . . . . . 31 C.2. JOSE Header . . . . . . . . . . . . . . . . . . . . . . . 31
C.3. Content Encryption Key (CEK) . . . . . . . . . . . . . . . 31 C.3. Content Encryption Key (CEK) . . . . . . . . . . . . . . . 31
C.4. Key Derivation . . . . . . . . . . . . . . . . . . . . . . 32 C.4. Key Derivation . . . . . . . . . . . . . . . . . . . . . . 32
C.5. Key Encryption . . . . . . . . . . . . . . . . . . . . . . 32 C.5. Key Encryption . . . . . . . . . . . . . . . . . . . . . . 32
C.6. Initialization Vector . . . . . . . . . . . . . . . . . . 32 C.6. Initialization Vector . . . . . . . . . . . . . . . . . . 32
C.7. Additional Authenticated Data . . . . . . . . . . . . . . 33 C.7. Additional Authenticated Data . . . . . . . . . . . . . . 33
C.8. Content Encryption . . . . . . . . . . . . . . . . . . . . 33 C.8. Content Encryption . . . . . . . . . . . . . . . . . . . . 33
C.9. Complete Representation . . . . . . . . . . . . . . . . . 36 C.9. Complete Representation . . . . . . . . . . . . . . . . . 36
Appendix D. Acknowledgements . . . . . . . . . . . . . . . . . . 37 Appendix D. Acknowledgements . . . . . . . . . . . . . . . . . . 37
Appendix E. Document History . . . . . . . . . . . . . . . . . . 38 Appendix E. Document History . . . . . . . . . . . . . . . . . . 38
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 44 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 45
1. Introduction 1. Introduction
A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) [RFC7159] A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) [RFC7159]
data structure that represents a cryptographic key. This data structure that represents a cryptographic key. This
specification also defines a JSON Web Key Set (JWK Set) JSON data specification also defines a JSON Web Key Set (JWK Set) JSON data
structure that represents a set of JWKs. Cryptographic algorithms structure that represents a set of JWKs. Cryptographic algorithms
and identifiers for use with this specification are described in the and identifiers for use with this specification are described in the
separate JSON Web Algorithms (JWA) [JWA] specification and IANA separate JSON Web Algorithms (JWA) [JWA] specification and IANA
registries defined by that specification. registries defined by that specification.
skipping to change at page 4, line 40 skipping to change at page 4, line 40
words for use in RFCs to Indicate Requirement Levels [RFC2119]. If words for use in RFCs to Indicate Requirement Levels [RFC2119]. If
these words are used without being spelled in uppercase then they are these words are used without being spelled in uppercase then they are
to be interpreted with their normal natural language meanings. to be interpreted with their normal natural language meanings.
BASE64URL(OCTETS) denotes the base64url encoding of OCTETS, per BASE64URL(OCTETS) denotes the base64url encoding of OCTETS, per
Section 2 of [JWS]. Section 2 of [JWS].
UTF8(STRING) denotes the octets of the UTF-8 [RFC3629] representation UTF8(STRING) denotes the octets of the UTF-8 [RFC3629] representation
of STRING. of STRING.
ASCII(STRING) denotes the octets of the ASCII [USASCII] ASCII(STRING) denotes the octets of the ASCII [RFC20] representation
representation of STRING. of STRING.
The concatenation of two values A and B is denoted as A || B. The concatenation of two values A and B is denoted as A || B.
2. Terminology 2. Terminology
These terms defined by the JSON Web Signature (JWS) [JWS] These terms defined by the JSON Web Signature (JWS) [JWS]
specification are incorporated into this specification: "Base64url specification are incorporated into this specification: "Base64url
Encoding", "Collision-Resistant Name", "Header Parameter", and "JOSE Encoding", "Collision-Resistant Name", "Header Parameter", and "JOSE
Header". Header".
These terms defined by the Internet Security Glossary, Version 2
[RFC4949] are incorporated into this specification: "Ciphertext",
"Digital Signature", "Message Authentication Code (MAC)", and
"Plaintext".
These terms are defined by this specification: These terms are defined by this specification:
JSON Web Key (JWK) JSON Web Key (JWK)
A JSON object that represents a cryptographic key. The members of A JSON object that represents a cryptographic key. The members of
the object represent properties of the key, including its value. the object represent properties of the key, including its value.
JSON Web Key Set (JWK Set) JSON Web Key Set (JWK Set)
A JSON object that represents a set of JWKs. The JSON object MUST A JSON object that represents a set of JWKs. The JSON object MUST
have a "keys" member, which is an array of JWK objects. have a "keys" member, which is an array of JWK objects.
skipping to change at page 7, line 24 skipping to change at page 7, line 28
4.3. "key_ops" (Key Operations) Parameter 4.3. "key_ops" (Key Operations) Parameter
The "key_ops" (key operations) member identifies the operation(s) The "key_ops" (key operations) member identifies the operation(s)
that the key is intended to be used for. The "key_ops" parameter is that the key is intended to be used for. The "key_ops" parameter is
intended for use cases in which public, private, or symmetric keys intended for use cases in which public, private, or symmetric keys
may be present. may be present.
Its value is an array of key operation values. Values defined by Its value is an array of key operation values. Values defined by
this specification are: this specification are:
o "sign" (compute signature or MAC) o "sign" (compute digital signature or MAC)
o "verify" (verify signature or MAC) o "verify" (verify digital signature or MAC)
o "encrypt" (encrypt content) o "encrypt" (encrypt content)
o "decrypt" (decrypt content and validate decryption, if applicable) o "decrypt" (decrypt content and validate decryption, if applicable)
o "wrapKey" (encrypt key) o "wrapKey" (encrypt key)
o "unwrapKey" (decrypt key and validate decryption, if applicable) o "unwrapKey" (decrypt key and validate decryption, if applicable)
o "deriveKey" (derive key) o "deriveKey" (derive key)
o "deriveBits" (derive bits not to be used as a key) o "deriveBits" (derive bits not to be used as a key)
(Note that the "key_ops" values intentionally match the "KeyUsage" (Note that the "key_ops" values intentionally match the "KeyUsage"
values defined in the Web Cryptography API [WebCrypto] values defined in the Web Cryptography API [WebCrypto]
specification.) specification.)
skipping to change at page 13, line 17 skipping to change at page 13, line 24
specification registers the parameter names defined in Section 4. specification registers the parameter names defined in Section 4.
The same JWK parameter name may be registered multiple times, The same JWK parameter name may be registered multiple times,
provided that duplicate parameter registrations are only for key type provided that duplicate parameter registrations are only for key type
specific JWK parameters; in this case, the meaning of the duplicate specific JWK parameters; in this case, the meaning of the duplicate
parameter name is disambiguated by the "kty" value of the JWK parameter name is disambiguated by the "kty" value of the JWK
containing it. containing it.
8.1.1. Registration Template 8.1.1. Registration Template
Parameter Name: Parameter Name:
The name requested (e.g., "example"). Because a core goal of this The name requested (e.g., "kid"). Because a core goal of this
specification is for the resulting representations to be compact, specification is for the resulting representations to be compact,
it is RECOMMENDED that the name be short -- not to exceed 8 it is RECOMMENDED that the name be short -- not to exceed 8
characters without a compelling reason to do so. This name is characters without a compelling reason to do so. This name is
case-sensitive. Names may not match other registered names in a case-sensitive. Names may not match other registered names in a
case-insensitive manner unless the Designated Expert(s) state that case-insensitive manner unless the Designated Expert(s) state that
there is a compelling reason to allow an exception in this there is a compelling reason to allow an exception in this
particular case. However, matching names may be registered, particular case. However, matching names may be registered,
provided that the accompanying sets of "kty" values that the provided that the accompanying sets of "kty" values that the
Parameter Name is used with are disjoint; for the purposes of Parameter Name is used with are disjoint; for the purposes of
matching "kty" values, "*" matches all values. matching "kty" values, "*" matches all values.
Parameter Description: Parameter Description:
Brief description of the parameter (e.g., "Example description"). Brief description of the parameter (e.g., "Key ID").
Used with "kty" Value(s): Used with "kty" Value(s):
The key type parameter value(s) that the parameter name is to be The key type parameter value(s) that the parameter name is to be
used with, or the value "*" if the parameter value is used with used with, or the value "*" if the parameter value is used with
all key types. Values may not match other registered "kty" values all key types. Values may not match other registered "kty" values
in a case-insensitive manner when the registered Parameter Name is in a case-insensitive manner when the registered Parameter Name is
the same (including when the Parameter Name matches in a case- the same (including when the Parameter Name matches in a case-
insensitive manner) unless the Designated Expert(s) state that insensitive manner) unless the Designated Expert(s) state that
there is a compelling reason to allow an exception in this there is a compelling reason to allow an exception in this
particular case. particular case.
skipping to change at page 15, line 40 skipping to change at page 15, line 45
This specification establishes the IANA JSON Web Key Use registry for This specification establishes the IANA JSON Web Key Use registry for
JWK "use" (public key use) member values. The registry records the JWK "use" (public key use) member values. The registry records the
public key use value and a reference to the specification that public key use value and a reference to the specification that
defines it. This specification registers the parameter names defined defines it. This specification registers the parameter names defined
in Section 4.2. in Section 4.2.
8.2.1. Registration Template 8.2.1. Registration Template
Use Member Value: Use Member Value:
The name requested (e.g., "example"). Because a core goal of this The name requested (e.g., "sig"). Because a core goal of this
specification is for the resulting representations to be compact, specification is for the resulting representations to be compact,
it is RECOMMENDED that the name be short -- not to exceed 8 it is RECOMMENDED that the name be short -- not to exceed 8
characters without a compelling reason to do so. This name is characters without a compelling reason to do so. This name is
case-sensitive. Names may not match other registered names in a case-sensitive. Names may not match other registered names in a
case-insensitive manner unless the Designated Expert(s) state that case-insensitive manner unless the Designated Expert(s) state that
there is a compelling reason to allow an exception in this there is a compelling reason to allow an exception in this
particular case. particular case.
Use Description: Use Description:
Brief description of the use (e.g., "Example description"). Brief description of the use (e.g., "Digital Signature or MAC").
Change Controller: Change Controller:
For Standards Track RFCs, state "IESG". For others, give the name For Standards Track RFCs, state "IESG". For others, give the name
of the responsible party. Other details (e.g., postal address, of the responsible party. Other details (e.g., postal address,
email address, home page URI) may also be included. email address, home page URI) may also be included.
Specification Document(s): Specification Document(s):
Reference to the document(s) that specify the parameter, Reference to the document(s) that specify the parameter,
preferably including URI(s) that can be used to retrieve copies of preferably including URI(s) that can be used to retrieve copies of
the document(s). An indication of the relevant sections may also the document(s). An indication of the relevant sections may also
be included but is not required. be included but is not required.
8.2.2. Initial Registry Contents 8.2.2. Initial Registry Contents
o Use Member Value: "sig" o Use Member Value: "sig"
o Use Description: Signature or MAC o Use Description: Digital Signature or MAC
o Change Controller: IESG o Change Controller: IESG
o Specification Document(s): Section 4.2 of [[ this document ]] o Specification Document(s): Section 4.2 of [[ this document ]]
o Use Member Value: "enc" o Use Member Value: "enc"
o Use Description: Encryption o Use Description: Encryption
o Change Controller: IESG o Change Controller: IESG
o Specification Document(s): Section 4.2 of [[ this document ]] o Specification Document(s): Section 4.2 of [[ this document ]]
8.3. JSON Web Key Operations Registry 8.3. JSON Web Key Operations Registry
This specification establishes the IANA JSON Web Key Operations This specification establishes the IANA JSON Web Key Operations
registry for values of JWK "key_ops" array elements. The registry registry for values of JWK "key_ops" array elements. The registry
records the key operation value and a reference to the specification records the key operation value and a reference to the specification
that defines it. This specification registers the parameter names that defines it. This specification registers the parameter names
defined in Section 4.3. defined in Section 4.3.
8.3.1. Registration Template 8.3.1. Registration Template
Key Operation Value: Key Operation Value:
The name requested (e.g., "example"). Because a core goal of this The name requested (e.g., "sign"). Because a core goal of this
specification is for the resulting representations to be compact, specification is for the resulting representations to be compact,
it is RECOMMENDED that the name be short -- not to exceed 8 it is RECOMMENDED that the name be short -- not to exceed 8
characters without a compelling reason to do so. This name is characters without a compelling reason to do so. This name is
case-sensitive. Names may not match other registered names in a case-sensitive. Names may not match other registered names in a
case-insensitive manner unless the Designated Expert(s) state that case-insensitive manner unless the Designated Expert(s) state that
there is a compelling reason to allow an exception in this there is a compelling reason to allow an exception in this
particular case. particular case.
Key Operation Description: Key Operation Description:
Brief description of the key operation (e.g., "Example Brief description of the key operation (e.g., "Compute digital
description"). signature or MAC").
Change Controller: Change Controller:
For Standards Track RFCs, state "IESG". For others, give the name For Standards Track RFCs, state "IESG". For others, give the name
of the responsible party. Other details (e.g., postal address, of the responsible party. Other details (e.g., postal address,
email address, home page URI) may also be included. email address, home page URI) may also be included.
Specification Document(s): Specification Document(s):
Reference to the document(s) that specify the parameter, Reference to the document(s) that specify the parameter,
preferably including URI(s) that can be used to retrieve copies of preferably including URI(s) that can be used to retrieve copies of
the document(s). An indication of the relevant sections may also the document(s). An indication of the relevant sections may also
be included but is not required. be included but is not required.
8.3.2. Initial Registry Contents 8.3.2. Initial Registry Contents
o Key Operation Value: "sign" o Key Operation Value: "sign"
o Key Operation Description: Compute signature or MAC o Key Operation Description: Compute digital signature or MAC
o Change Controller: IESG o Change Controller: IESG
o Specification Document(s): Section 4.3 of [[ this document ]] o Specification Document(s): Section 4.3 of [[ this document ]]
o Key Operation Value: "verify" o Key Operation Value: "verify"
o Key Operation Description: Verify signature or MAC o Key Operation Description: Verify digital signature or MAC
o Change Controller: IESG o Change Controller: IESG
o Specification Document(s): Section 4.3 of [[ this document ]] o Specification Document(s): Section 4.3 of [[ this document ]]
o Key Operation Value: "encrypt" o Key Operation Value: "encrypt"
o Key Operation Description: Encrypt content o Key Operation Description: Encrypt content
o Change Controller: IESG o Change Controller: IESG
o Specification Document(s): Section 4.3 of [[ this document ]] o Specification Document(s): Section 4.3 of [[ this document ]]
o Key Operation Value: "decrypt" o Key Operation Value: "decrypt"
o Key Operation Description: Decrypt content and validate o Key Operation Description: Decrypt content and validate
skipping to change at page 18, line 29 skipping to change at page 18, line 29
This specification establishes the IANA JSON Web Key Set Parameters This specification establishes the IANA JSON Web Key Set Parameters
registry for JWK Set parameter names. The registry records the registry for JWK Set parameter names. The registry records the
parameter name and a reference to the specification that defines it. parameter name and a reference to the specification that defines it.
This specification registers the parameter names defined in This specification registers the parameter names defined in
Section 5. Section 5.
8.4.1. Registration Template 8.4.1. Registration Template
Parameter Name: Parameter Name:
The name requested (e.g., "example"). Because a core goal of this The name requested (e.g., "keys"). Because a core goal of this
specification is for the resulting representations to be compact, specification is for the resulting representations to be compact,
it is RECOMMENDED that the name be short -- not to exceed 8 it is RECOMMENDED that the name be short -- not to exceed 8
characters without a compelling reason to do so. This name is characters without a compelling reason to do so. This name is
case-sensitive. Names may not match other registered names in a case-sensitive. Names may not match other registered names in a
case-insensitive manner unless the Designated Expert(s) state that case-insensitive manner unless the Designated Expert(s) state that
there is a compelling reason to allow an exception in this there is a compelling reason to allow an exception in this
particular case. particular case.
Parameter Description: Parameter Description:
Brief description of the parameter (e.g., "Example description"). Brief description of the parameter (e.g., "Array of JWK values").
Change Controller: Change Controller:
For Standards Track RFCs, state "IESG". For others, give the name For Standards Track RFCs, state "IESG". For others, give the name
of the responsible party. Other details (e.g., postal address, of the responsible party. Other details (e.g., postal address,
email address, home page URI) may also be included. email address, home page URI) may also be included.
Specification Document(s): Specification Document(s):
Reference to the document(s) that specify the parameter, Reference to the document(s) that specify the parameter,
preferably including URI(s) that can be used to retrieve copies of preferably including URI(s) that can be used to retrieve copies of
the document(s). An indication of the relevant sections may also the document(s). An indication of the relevant sections may also
skipping to change at page 20, line 39 skipping to change at page 20, line 39
9.1. Key Provenance and Trust 9.1. Key Provenance and Trust
One should place no more trust in the data cryptographically secured One should place no more trust in the data cryptographically secured
by a key than in the method by which it was obtained and in the by a key than in the method by which it was obtained and in the
trustworthiness of the entity asserting an association with the key. trustworthiness of the entity asserting an association with the key.
Any data associated with a key that is obtained in an untrusted Any data associated with a key that is obtained in an untrusted
manner should be treated with skepticism. See Section 10.3 of [JWS] manner should be treated with skepticism. See Section 10.3 of [JWS]
for security considerations on key origin authentication. for security considerations on key origin authentication.
The security considerations in Section 12.3 of XML DSIG 2.0 The security considerations in Section 12.3 of XML DSIG 2.0
[W3C.NOTE-xmldsig-core2-20130411] about the strength of a signature [W3C.NOTE-xmldsig-core2-20130411] about the strength of a digital
depending upon all the links in the security chain also apply to this signature depending upon all the links in the security chain also
specification. apply to this specification.
The TLS Requirements in Section 8 of [JWS] also apply to this The TLS Requirements in Section 8 of [JWS] also apply to this
specification. specification.
9.2. Preventing Disclosure of Non-Public Key Information 9.2. Preventing Disclosure of Non-Public Key Information
Private and symmetric keys MUST be protected from disclosure to Private and symmetric keys MUST be protected from disclosure to
unintended parties. One recommended means of doing so is to encrypt unintended parties. One recommended means of doing so is to encrypt
JWKs or JWK Sets containing them by using the JWK or JWK Set value as JWKs or JWK Sets containing them by using the JWK or JWK Set value as
the plaintext of a JWE. Of course, this requires that there be a the plaintext of a JWE. Of course, this requires that there be a
skipping to change at page 22, line 17 skipping to change at page 22, line 17
October 2014. October 2014.
[JWE] Jones, M. and J. Hildebrand, "JSON Web Encryption (JWE)", [JWE] Jones, M. and J. Hildebrand, "JSON Web Encryption (JWE)",
draft-ietf-jose-json-web-encryption (work in progress), draft-ietf-jose-json-web-encryption (work in progress),
October 2014. October 2014.
[JWS] Jones, M., Bradley, J., and N. Sakimura, "JSON Web [JWS] Jones, M., Bradley, J., and N. Sakimura, "JSON Web
Signature (JWS)", draft-ietf-jose-json-web-signature (work Signature (JWS)", draft-ietf-jose-json-web-signature (work
in progress), October 2014. in progress), October 2014.
[RFC20] Cerf, V., "ASCII format for Network Interchange", RFC 20,
October 1969.
[RFC2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail [RFC2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
Extensions (MIME) Part Two: Media Types", RFC 2046, Extensions (MIME) Part Two: Media Types", RFC 2046,
November 1996. November 1996.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000. [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.
[RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO
skipping to change at page 22, line 39 skipping to change at page 22, line 42
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66, Resource Identifier (URI): Generic Syntax", STD 66,
RFC 3986, January 2005. RFC 3986, January 2005.
[RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data
Encodings", RFC 4648, October 2006. Encodings", RFC 4648, October 2006.
[RFC4945] Korver, B., "The Internet IP Security PKI Profile of [RFC4945] Korver, B., "The Internet IP Security PKI Profile of
IKEv1/ISAKMP, IKEv2, and PKIX", RFC 4945, August 2007. IKEv1/ISAKMP, IKEv2, and PKIX", RFC 4945, August 2007.
[RFC4949] Shirey, R., "Internet Security Glossary, Version 2",
RFC 4949, August 2007.
[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.2", RFC 5246, August 2008. (TLS) Protocol Version 1.2", RFC 5246, August 2008.
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
Housley, R., and W. Polk, "Internet X.509 Public Key Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, May 2008. (CRL) Profile", RFC 5280, May 2008.
[RFC6125] Saint-Andre, P. and J. Hodges, "Representation and [RFC6125] Saint-Andre, P. and J. Hodges, "Representation and
Verification of Domain-Based Application Service Identity Verification of Domain-Based Application Service Identity
within Internet Public Key Infrastructure Using X.509 within Internet Public Key Infrastructure Using X.509
(PKIX) Certificates in the Context of Transport Layer (PKIX) Certificates in the Context of Transport Layer
Security (TLS)", RFC 6125, March 2011. Security (TLS)", RFC 6125, March 2011.
[RFC7159] Bray, T., "The JavaScript Object Notation (JSON) Data [RFC7159] Bray, T., "The JavaScript Object Notation (JSON) Data
Interchange Format", RFC 7159, March 2014. Interchange Format", RFC 7159, March 2014.
[USASCII] American National Standards Institute, "Coded Character
Set -- 7-bit American Standard Code for Information
Interchange", ANSI X3.4, 1986.
10.2. Informative References 10.2. Informative References
[DSS] National Institute of Standards and Technology, "Digital [DSS] National Institute of Standards and Technology, "Digital
Signature Standard (DSS)", FIPS PUB 186-4, July 2013. Signature Standard (DSS)", FIPS PUB 186-4, July 2013.
[HAC] Menezes, A., van Oorschot, P., and S. Vanstone, "Handbook [HAC] Menezes, A., van Oorschot, P., and S. Vanstone, "Handbook
of Applied Cryptography", CRC Press, 1996, of Applied Cryptography", CRC Press, 1996,
<http://cacr.uwaterloo.ca/hac/about/chap8.pdf>. <http://cacr.uwaterloo.ca/hac/about/chap8.pdf>.
[Kocher] Kocher, P., "Timing Attacks on Implementations of Diffe- [Kocher] Kocher, P., "Timing Attacks on Implementations of Diffe-
skipping to change at page 38, line 30 skipping to change at page 38, line 30
Hannes Tschofenig, and Sean Turner. Hannes Tschofenig, and Sean Turner.
Jim Schaad and Karen O'Donoghue chaired the JOSE working group and Jim Schaad and Karen O'Donoghue chaired the JOSE working group and
Sean Turner, Stephen Farrell, and Kathleen Moriarty served as Sean Turner, Stephen Farrell, and Kathleen Moriarty served as
Security area directors during the creation of this specification. Security area directors during the creation of this specification.
Appendix E. Document History Appendix E. Document History
[[ to be removed by the RFC Editor before publication as an RFC ]] [[ to be removed by the RFC Editor before publication as an RFC ]]
-35
o Used real values for examples in the IANA Registration Templates.
-34 -34
o Addressed IESG review comments by Pete Resnick, Stephen Farrell, o Addressed IESG review comments by Pete Resnick, Stephen Farrell,
and Richard Barnes. and Richard Barnes.
o Referenced RFC 4945 for PEM certificate delimiter syntax. o Referenced RFC 4945 for PEM certificate delimiter syntax.
-33 -33
o Addressed secdir review comments by Stephen Kent for which o Addressed secdir review comments by Stephen Kent for which
 End of changes. 26 change blocks. 
31 lines changed or deleted 42 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/