--- 1/draft-ietf-jose-json-web-signature-22.txt 2014-03-03 14:14:39.168393035 -0800 +++ 2/draft-ietf-jose-json-web-signature-23.txt 2014-03-03 14:14:39.268395484 -0800 @@ -1,21 +1,21 @@ JOSE Working Group M. Jones Internet-Draft Microsoft Intended status: Standards Track J. Bradley -Expires: September 3, 2014 Ping Identity +Expires: September 4, 2014 Ping Identity N. Sakimura NRI - March 2, 2014 + March 3, 2014 JSON Web Signature (JWS) - draft-ietf-jose-json-web-signature-22 + draft-ietf-jose-json-web-signature-23 Abstract JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JavaScript Object Notation (JSON) based data structures. Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) specification and an IANA registry defined by that specification. Related encryption capabilities are described in the separate JSON Web Encryption (JWE) @@ -29,21 +29,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on September 3, 2014. + This Internet-Draft will expire on September 4, 2014. Copyright Notice Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -118,21 +118,21 @@ A.6.3. Complete JWS Header Values . . . . . . . . . . . . . . 40 A.6.4. Complete JWS JSON Serialization Representation . . . . 41 Appendix B. "x5c" (X.509 Certificate Chain) Example . . . . . . . 41 Appendix C. Notes on implementing base64url encoding without padding . . . . . . . . . . . . . . . . . . . . . . . 43 Appendix D. Notes on Key Selection . . . . . . . . . . . . . . . 44 Appendix E. Negative Test Case for "crit" Header Parameter . . . 46 Appendix F. Detached Content . . . . . . . . . . . . . . . . . . 46 Appendix G. Acknowledgements . . . . . . . . . . . . . . . . . . 47 Appendix H. Document History . . . . . . . . . . . . . . . . . . 47 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 54 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 55 1. Introduction JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JavaScript Object Notation (JSON) [RFC7158] based data structures. The JWS cryptographic mechanisms provide integrity protection for an arbitrary sequence of octets. Two closely related serializations for JWS objects are defined. The 
@@ -203,22 +203,24 @@ component of the JWS Header. JWS Unprotected Header JSON object that contains the JWS Header Parameters that are not integrity protected. This can only be present when using the JWS JSON Serialization. Base64url Encoding Base64 encoding using the URL- and filename-safe character set defined in Section 5 of RFC 4648 [RFC4648], with all trailing '=' - characters omitted (as permitted by Section 3.2). (See Appendix C - for notes on implementing base64url encoding without padding.) + characters omitted (as permitted by Section 3.2) and without the + inclusion of any line breaks, white space, or other additional + characters. (See Appendix C for notes on implementing base64url + encoding without padding.) JWS Signing Input The input to the digital signature or MAC computation. Its value is ASCII(BASE64URL(UTF8(JWS Protected Header)) || '.' || BASE64URL(JWS Payload)). JWS Compact Serialization A representation of the JWS as a compact, URL-safe string. JWS JSON Serialization @@ -2164,20 +2166,25 @@ Hannes Tschofenig, and Sean Turner. Jim Schaad and Karen O'Donoghue chaired the JOSE working group and Sean Turner and Stephen Farrell served as Security area directors during the creation of this specification. Appendix H. Document History [[ to be removed by the RFC Editor before publication as an RFC ]] + -23 + + o Clarified that the base64url encoding includes no line breaks, + white space, or other additional characters. + -22 o Corrected RFC 2119 terminology usage. o Replaced references to draft-ietf-json-rfc4627bis with RFC 7158. -21 o Applied review comments to the appendix "Notes on Key Selection", addressing issue #93.
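Review bot: In the "Base64url Encoding" definition (hunk @@ -203,22 +203,24 @@), the added wording "without the inclusion of any line breaks, white space, or other additional characters" describes what a producer emits, but it does not say what a recipient does with a value that contains such characters. The JWS Signing Input defined in the same hunk is built from the BASE64URL(...) strings themselves, so a lenient decoder and a strict one could disagree on whether the same received value is valid. Suggest adding a sentence that states the decoder behaviour, for example that a value containing characters outside the base64url alphabet is rejected. Also check whether the Appendix C notes referenced in this definition need matching wording, since no hunk visible here touches them.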
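Review bot: In the Document History hunk (@@ -2164,20 +2166,25 @@), the new -23 entry does not record what prompted the clarification, whereas the -21 entry below it says "addressing issue #93". If the base64url change came from a tracked issue or a review comment, name it in the entry so the change can be traced back to the discussion.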