Archive for the 'Cryptography' Category

December 9, 2014
JOSE -38 and JWT -32 drafts addressing the last of the IESG review comments

IETF logoSlightly updated JSON Object Signing and Encryption (JOSE) and JSON Web Token (JWT) drafts have been published that address the last of the IESG review comments, which were follow-up comments by Stephen Farrell and Pete Resnick. All DISCUSS comments had already been addressed by the previous drafts. The one normative change is that implementations must now discard RSA private keys with an “oth” parameter when the implementation does not support private keys with more than two primes. The remaining changes were editorial improvements suggested by Pete.

The specifications are available at:

HTML formatted versions are available at:

November 21, 2014
A JSON-Based Identity Protocol Suite

quillMy article A JSON-Based Identity Protocol Suite has been published in the Fall 2014 issue of Information Standards Quarterly, with this citation page. This issue on Identity Management was guest-edited by Andy Dale. The article’s abstract is:

Achieving interoperable digital identity systems requires agreement on data representations and protocols among the participants. While there are several suites of successful interoperable identity data representations and protocols, including Kerberos, X.509, SAML 2.0, WS-*, and OpenID 2.0, they have used data representations that have limited or no support in browsers, mobile devices, and modern Web development environments, such as ASN.1, XML, or custom data representations. A new set of open digital identity standards have emerged that utilize JSON data representations and simple REST-based communication patterns. These protocols and data formats are intentionally designed to be easy to use in browsers, mobile devices, and modern Web development environments, which typically include native JSON support. This paper surveys a number of these open JSON-based digital identity protocols and discusses how they are being used to provide practical interoperable digital identity solutions.

This article is actually a follow-on progress report to my April 2011 position paper The Emerging JSON-Based Identity Protocol Suite. While standards can seem to progress slowly at times, comparing the two makes clear just how much has been accomplished in this time and shows that what was a prediction in 2011 is now a reality in widespread use.

November 19, 2014
JOSE -37 and JWT -31 drafts addressing remaining IESG review comments

IETF logoThese JOSE and JWT drafts contain updates intended to address the remaining outstanding IESG review comments by Pete Resnick, Stephen Farrell, and Richard Barnes, other than one that Pete may still provide text for. Algorithm names are now restricted to using only ASCII characters, the TLS requirements language has been refined, the language about integrity protecting header parameters used in trust decisions has been augmented, we now say what to do when an RSA private key with “oth” is encountered but not supported, and we now talk about JWSs with invalid signatures being considered invalid, rather than them being rejected. Also, added the CRT parameter values to example JWK RSA private key representations.

The specifications are available at:

HTML formatted versions are available at:

November 11, 2014
JWK Thumbprint spec adopted by JOSE working group

IETF logoThe JSON Web Key (JWK) Thumbprint specification was adopted by the JOSE working group during IETF 91. The initial working group version is identical to the individual submission version incorporating feedback from IETF 90, other than the dates and document identifier.

JWK Thumbprints are used by the recently approved OpenID Connect Core 1.0 incorporating errata set 1 spec. JOSE working group co-chair Jim Schaad said during the working group meeting that he would move the document along fast.

The specification is available at:

An HTML formatted version is also available at:

October 24, 2014
JOSE -36 and JWT -30 drafts addressing additional IESG review comments

IETF logoThese JOSE and JWT drafts incorporate resolutions to some previously unresolved IESG comments. The primary change was adding flattened JSON Serialization syntax for the single digital signature/MAC and single recipient cases. See http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-36#appendix-A.7 and http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-36#appendix-A.5 for examples. See the history entries for details on the few other changes. No breaking changes were made.

The specifications are available at:

HTML formatted versions are available at:

October 17, 2014
JOSE -35 and JWT -29 drafts addressing AppsDir review comments

IETF logoI’ve posted updated JOSE and JWT drafts that address the Applications Area Directorate review comments. Thanks to Ray Polk and Carsten Bormann for their useful reviews. No breaking changes were made.

The specifications are available at:

HTML formatted versions are available at:

October 14, 2014
JOSE -34 and JWT -28 drafts addressing IESG review comments

IETF logoUpdated JOSE and JWT specifications have been published that address the IESG review comments received. The one set of normative changes was to change the implementation requirements for RSAES-PKCS1-V1_5 from Required to Recommended- and for RSA-OAEP from Optional to Recommended+. Thanks to Richard Barnes, Alissa Cooper, Stephen Farrell, Brian Haberman, Ted Lemon, Barry Leiba, and Pete Resnick for their IESG review comments, plus thanks to Scott Brim and Russ Housley for additional Gen-ART review comments, and thanks to the working group members who helped respond to them. Many valuable clarifications resulted from your thorough reviews.

The specifications are available at:

HTML formatted versions are available at:

September 25, 2014
JOSE -33 and JWT -27 drafts addressing Stephen Kent’s JWK comments

IETF logoUpdated JOSE and JWT drafts have been published that address JSON Web Key (JWK) secdir review comments by Stephen Kent that were inadvertently not addressed in the previous versions. Most of the changes were to the JWK draft. A few changes also had to be made across the other drafts to keep them in sync. I also added acknowledgements to several additional contributors. No breaking changes were made.

The specifications are available at:

Differences since the previous drafts can be viewed at:

HTML formatted versions are available at:

September 23, 2014
JOSE -32 and JWT -26 drafts addressing IETF Last Call comments

IETF logoNew versions of the JSON Object Signing and Encryption (JOSE) and JSON Web Token (JWT) specifications have been published incorporating feedback received in IETF Last Call comments. Thanks to Russ Housley and Roni Even for their Gen-ART reviews, to Tero Kivinen, Scott Kelly, Stephen Kent, Charlie Kaufman, and Warren Kumari for their secdir reviews, to Tom Yu for his individual review, and to James Manger and Chuck Mortimore who provided feedback based on deployment experiences, as well as to the many JOSE and OAuth working group members who pitched in to discuss resolutions. Many clarifications resulted. No breaking changes were made.

The specifications are available at:

HTML formatted versions are available at:

August 20, 2014
Microsoft JWT and OpenID Connect RP libraries updated

This morning Microsoft released updated versions of its JSON Web Token (JWT) library and its OpenID Connect RP library as part of today’s Katana project release. See the Microsoft.Owin.Security.Jwt and Microsoft.Owin.Security.OpenIdConnect packages in the Katana project’s package list. These are .NET 4.5 code under an Apache 2.0 license.

For more background on Katana, you can see this post on Katana design principles and this post on using claims in Web applications. For more on the JWT code, see this post on the previous JWT handler release.

Thanks to Brian Campbell of Ping Identity for performing OpenID Connect interop testing with us prior to the release.

August 14, 2014
The Increasing Importance of Proof-of-Possession to the Web

W3C  logoMy submission to the W3C Workshop on Authentication, Hardware Tokens and Beyond was accepted for presentation. I’ll be discussing The Increasing Importance of Proof-of-Possession to the Web. The abstract of my position paper is:

A number of different initiatives and organizations are now defining new ways to use proof-of-possession in several kinds of Web protocols. These range from cookies that can’t be stolen and reused, identity assertions only usable by a particular party, password-less login, to proof of eligibility to participate. While each of these developments is important in isolation, the pattern of all of them concurrently emerging now demonstrates the increasing importance of proof-of-possession to the Web.

It should be a quick and hopefully worthwhile read. I’m looking forward to discussing it with many of you at the workshop!

July 23, 2014
OAuth Assertions specs describing Privacy Considerations

OAuth logoBrian Campbell updated the OAuth Assertions specifications to add Privacy Considerations sections, responding to area director feedback. Thanks, Brian!

The specifications are available at:

HTML formatted versions are also available at:

July 23, 2014
JWK Thumbprint spec incorporating feedback from IETF 90

IETF logoI’ve updated the JSON Web Key (JWK) Thumbprint specification to incorporate the JOSE working group feedback on the -00 draft from IETF 90. The two changes were:

  • Said that the result is undefined if characters requiring escaping are needed in the hash input.
  • Added instructions for representing integer numeric values in the hash input.

If a canonical JSON representation standard is ever adopted, this specification could be revised to use it, resulting in unambiguous definitions for those values (which are unlikely to ever occur in JWKs) as well. (Defining a complete canonical JSON representation is very much out of scope for this work!)

The specification is available at:

An HTML formatted version is also available at:

July 4, 2014
JOSE -31 and JWT -25 drafts addressing additional AD comments

IETF logoIn preparation for IETF 90 in Toronto, I’ve published yet another round of small deltas to the JOSE and JWT specifications motivated by additional comments from our area director, Kathleen Moriarty. These drafts add some references to Security Considerations sections, adds a Privacy Considerations section to JWT, and clarifies wording in a few places. Once again, no normative changes were made.

The specifications are available at:

HTML formatted versions are available at:

July 1, 2014
JOSE -30 and JWT -24 drafts incorporating AD feedback on fifth spec of five

IETF logoJOSE -30 and JWT -24 drafts have been posted incorporating improvements resulting from Kathleen Moriarty’s JWE review. At this point, actions requested in her reviews of the JWS, JWE, JWK, JWA, and JWT specifications have all been incorporated. All changes in this release were strictly editorial in nature.

The specifications are available at:

HTML formatted versions are available at:

June 20, 2014
JOSE -29 and JWT -23 drafts coalescing duplicative terminology definitions

IETF logoSurprise! For the first time ever, I’ve released two sets of JOSE and JWT drafts in one day! I wanted to separate the changes addressing recent AD comments from this set of changes that reduces duplication in the drafts.

These drafts replaced the terms JWS Header, JWE Header, and JWT Header with a single JOSE Header term defined in the JWS specification. This also enabled a single Header Parameter definition to be used and reduced other areas of duplication between the specifications. No normative changes were made.

The specifications are available at:

HTML formatted versions are available at:

June 20, 2014
JOSE -28 and JWT -22 drafts incorporating additional AD feedback

IETF logoUpdated JOSE and JWT drafts have been released that incorporate additional wording improvements in places suggested by Kathleen Moriarty. Most of the changes were rewording and reorganization of the Security Considerations sections. An explanation of when applications typically would and would not use the typ and cty header parameters was added. The one normative change was to specify the use of PKCS #7 padding with AES CBC, rather than PKCS #5 – a correction pointed out by Shaun Cooley. (PKCS #7 is a superset of PKCS #5, and is appropriate for the 16 octet blocks used by AES CBC.) No breaking changes were made.

The specifications are available at:

HTML formatted versions are available at:

June 10, 2014
JOSE -27 and JWT -21 drafts incorporating area director feedback

IETF logoThe -27 drafts of the JOSE specs (JWS, JWE, JWK, & JWA) and the -21 draft of the JWT spec have been posted that incorporate feedback received from our security area director, Kathleen Moriarty. The one normative change was to add certificate thumbprint parameters using SHA-256 as the hash function. There were no breaking changes. A number of additional security considerations were added across the drafts. An example JWK was added early in the JWK draft (paralleling the early examples in the JWS, JWE, and JWT drafts). Several algorithm cross-reference entries were updated in the JWA draft. A number of other editorial improvements were also applied.

The specifications are available at:

HTML formatted versions are available at:

Thanks for the detailed feedback, Kathleen.

May 14, 2014
JWT and JOSE have won a Special European Identity Award

IETF logoToday the JSON Web Token (JWT) and JSON Object Signing and Encryption (JOSE) specifications were granted a Special European Identity Award for Best Innovation for Security in the API Economy. I was honored to accept the award, along with Nat Sakimura and John Bradley, on behalf of the contributors to and implementers of these specifications at the European Identity and Cloud Conference.

It’s great to see this recognition for the impact that these specs are having by making it easy to use simple JSON-based security tokens and other Web-friendly cryptographically protected data structures. Special thanks are due to all of you have built and deployed implementations and provided feedback on the specs throughout their development; they significantly benefitted from your active involvement!

These specifications are:

The authors are:

Dirk Balfanz, Yaron Goland, John Panzer, and Eric Rescorla also deserve thanks for their significant contributions to creating these specifications.

May 8, 2014
Publication requested for JSON Web Token (JWT), OAuth Assertions, and JOSE specifications

IETF logoToday, the OAuth Working Group requested publication of four specifications as proposed standards:

This follows on the JOSE Working Group likewise requesting publication of the JSON Object Signing and Encryption specifications last month:

This means that the working groups have sent the specifications to the IESG for review, which is the next step towards them becoming IETF Standards – RFCs.

Next »