draft-ietf-jose-json-web-signature-38.txt   draft-ietf-jose-json-web-signature-39.txt 
JOSE Working Group M. Jones JOSE Working Group M. Jones
Internet-Draft Microsoft Internet-Draft Microsoft
Intended status: Standards Track J. Bradley Intended status: Standards Track J. Bradley
Expires: June 12, 2015 Ping Identity Expires: July 3, 2015 Ping Identity
N. Sakimura N. Sakimura
NRI NRI
December 9, 2014 December 30, 2014
JSON Web Signature (JWS) JSON Web Signature (JWS)
draft-ietf-jose-json-web-signature-38 draft-ietf-jose-json-web-signature-39
Abstract Abstract
JSON Web Signature (JWS) represents content secured with digital JSON Web Signature (JWS) represents content secured with digital
signatures or Message Authentication Codes (MACs) using JavaScript signatures or Message Authentication Codes (MACs) using JavaScript
Object Notation (JSON) based data structures. Cryptographic Object Notation (JSON) based data structures. Cryptographic
algorithms and identifiers for use with this specification are algorithms and identifiers for use with this specification are
described in the separate JSON Web Algorithms (JWA) specification and described in the separate JSON Web Algorithms (JWA) specification and
an IANA registry defined by that specification. Related encryption an IANA registry defined by that specification. Related encryption
capabilities are described in the separate JSON Web Encryption (JWE) capabilities are described in the separate JSON Web Encryption (JWE)
skipping to change at page 1, line 40 skipping to change at page 1, line 40
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on June 12, 2015. This Internet-Draft will expire on July 3, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 4, line 5 skipping to change at page 4, line 5
A.6.4. Complete JWS JSON Serialization Representation . . . . 49 A.6.4. Complete JWS JSON Serialization Representation . . . . 49
A.7. Example JWS using Flattened JWS JSON Serialization . . . 49 A.7. Example JWS using Flattened JWS JSON Serialization . . . 49
Appendix B. "x5c" (X.509 Certificate Chain) Example . . . . . . . 50 Appendix B. "x5c" (X.509 Certificate Chain) Example . . . . . . . 50
Appendix C. Notes on implementing base64url encoding without Appendix C. Notes on implementing base64url encoding without
padding . . . . . . . . . . . . . . . . . . . . . . . 52 padding . . . . . . . . . . . . . . . . . . . . . . . 52
Appendix D. Notes on Key Selection . . . . . . . . . . . . . . . 53 Appendix D. Notes on Key Selection . . . . . . . . . . . . . . . 53
Appendix E. Negative Test Case for "crit" Header Parameter . . . 54 Appendix E. Negative Test Case for "crit" Header Parameter . . . 54
Appendix F. Detached Content . . . . . . . . . . . . . . . . . . 55 Appendix F. Detached Content . . . . . . . . . . . . . . . . . . 55
Appendix G. Acknowledgements . . . . . . . . . . . . . . . . . . 55 Appendix G. Acknowledgements . . . . . . . . . . . . . . . . . . 55
Appendix H. Document History . . . . . . . . . . . . . . . . . . 56 Appendix H. Document History . . . . . . . . . . . . . . . . . . 56
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 66 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 67
1. Introduction 1. Introduction
JSON Web Signature (JWS) represents content secured with digital JSON Web Signature (JWS) represents content secured with digital
signatures or Message Authentication Codes (MACs) using JavaScript signatures or Message Authentication Codes (MACs) using JavaScript
Object Notation (JSON) [RFC7159] based data structures. The JWS Object Notation (JSON) [RFC7159] based data structures. The JWS
cryptographic mechanisms provide integrity protection for an cryptographic mechanisms provide integrity protection for an
arbitrary sequence of octets. See Section 10.5 for a discussion on arbitrary sequence of octets. See Section 10.5 for a discussion on
the differences between Digital Signatures and MACs. the differences between Digital Signatures and MACs.
skipping to change at page 34, line 43 skipping to change at page 34, line 43
Interchange Format", RFC 7159, March 2014. Interchange Format", RFC 7159, March 2014.
11.2. Informative References 11.2. Informative References
[CanvasApp] [CanvasApp]
Facebook, "Canvas Applications", 2010. Facebook, "Canvas Applications", 2010.
[I-D.ietf-uta-tls-bcp] [I-D.ietf-uta-tls-bcp]
Sheffer, Y., Holz, R., and P. Saint-Andre, Sheffer, Y., Holz, R., and P. Saint-Andre,
"Recommendations for Secure Use of TLS and DTLS", "Recommendations for Secure Use of TLS and DTLS",
draft-ietf-uta-tls-bcp-07 (work in progress), draft-ietf-uta-tls-bcp-08 (work in progress),
November 2014. December 2014.
[JSS] Bradley, J. and N. Sakimura (editor), "JSON Simple Sign", [JSS] Bradley, J. and N. Sakimura (editor), "JSON Simple Sign",
September 2010. September 2010.
[JWE] Jones, M. and J. Hildebrand, "JSON Web Encryption (JWE)", [JWE] Jones, M. and J. Hildebrand, "JSON Web Encryption (JWE)",
draft-ietf-jose-json-web-encryption (work in progress), draft-ietf-jose-json-web-encryption (work in progress),
December 2014. December 2014.
[JWT] Jones, M., Bradley, J., and N. Sakimura, "JSON Web Token [JWT] Jones, M., Bradley, J., and N. Sakimura, "JSON Web Token
(JWT)", draft-ietf-oauth-json-web-token (work in (JWT)", draft-ietf-oauth-json-web-token (work in
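Review bot: The [I-D.ietf-uta-tls-bcp] entry is pinned to a numbered revision (-07 on the old side, -08 on the new), while the [JWE] and [JWT] entries directly below it cite draft-ietf-jose-json-web-encryption and draft-ietf-oauth-json-web-token with no revision suffix. Since this entry sits under 11.2 Informative References, consider citing it unversioned like its neighbours, so that a bump of the referenced draft does not by itself force a new revision of this document. If the pin is deliberate, a short note saying why only this entry carries a revision number would help the next editor.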
skipping to change at page 56, line 21 skipping to change at page 56, line 21
Tschofenig, and Sean Turner. Tschofenig, and Sean Turner.
Jim Schaad and Karen O'Donoghue chaired the JOSE working group and Jim Schaad and Karen O'Donoghue chaired the JOSE working group and
Sean Turner, Stephen Farrell, and Kathleen Moriarty served as Sean Turner, Stephen Farrell, and Kathleen Moriarty served as
Security area directors during the creation of this specification. Security area directors during the creation of this specification.
Appendix H. Document History Appendix H. Document History
[[ to be removed by the RFC Editor before publication as an RFC ]] [[ to be removed by the RFC Editor before publication as an RFC ]]
-39
o Updated the reference to draft-ietf-uta-tls-bcp.
-38 -38
o Replaced uses of the phrases "JWS object" and "JWE object" with o Replaced uses of the phrases "JWS object" and "JWE object" with
"JWS" and "JWE". "JWS" and "JWE".
o Added member names to the JWS JSON Serialization Overview. o Added member names to the JWS JSON Serialization Overview.
o Applied other minor editorial improvements. o Applied other minor editorial improvements.
-37 -37
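Review bot: The new -39 history entry, "Updated the reference to draft-ietf-uta-tls-bcp", does not say which revision is now cited. Suggest naming it, for example "Updated the reference to draft-ietf-uta-tls-bcp to -08", so the history entry matches the change made to the [I-D.ietf-uta-tls-bcp] entry in Section 11.2.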
 End of changes. 7 change blocks. 
7 lines changed or deleted 11 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/