July 29, 2013
JOSE -14 and JWT -11 drafts with additional algorithms and examples published

IETF logoJSON Object Signing and Encryption (JOSE) -14 drafts have been published that incorporate minor updates requested by the working group since the last working group call. The primary change was adding algorithm identifiers for AES algorithms using 192 bit keys; supporting these algorithms is optional. The only breaking changes were to the password-based encryption algorithm parameter representation. This version adds an example ECDH-ES Key Agreement computation.

The JSON Web Token (JWT) -11 draft adds a Nested JWT example – in which the claims are first signed, and then encrypted.

The drafts are available at:

HTML formatted versions are also available at:

2 Responses to “JOSE -14 and JWT -11 drafts with additional algorithms and examples published”

  1. Peter Bernhardt on 29 Aug 2013 at 5:45 am #

    I have a scenario where I need to represent a complex claim in a JWT. Something that might look like this in SAML:

    The best I can do as a JWT claims is this:

    “urn:oasis:names:tc:xacml:2.0:subject:role”: “46255001″

    Do you have a recommendation for how to convey the code system used to represent the value of this claim?

  2. Peter Bernhardt on 29 Aug 2013 at 5:46 am #

    I have a scenario where I need to represent a complex claim in a JWT. Something that might look like this in SAML:

    <saml:Attribute Name="urn:oasis:names:tc:xacml:2.0:subject:role">
    <saml:AttributeValue>
    <Role xmlns="urn:hl7-org:v3" xsi:type="CE" code="46255001"
    codeSystem="2.16.840.1.113883.6.96" codeSystemName="SNOMED_CT"
    displayName="Pharmacist"/>
    </saml:AttributeValue>
    </saml:Attribute>

    The best I can do as a JWT claims is this:

    "urn:oasis:names:tc:xacml:2.0:subject:role": "46255001"

    Do you have a recommendation for how to convey the code system used to represent the value of this claim?

Trackback URI | Comments RSS

Leave a Reply

You must be logged in to post a comment.