Musings on Digital Identity

JOSE -14 and JWT -11 drafts with additional algorithms and examples published

IETF logoJSON Object Signing and Encryption (JOSE) -14 drafts have been published that incorporate minor updates requested by the working group since the last working group call. The primary change was adding algorithm identifiers for AES algorithms using 192 bit keys; supporting these algorithms is optional. The only breaking changes were to the password-based encryption algorithm parameter representation. This version adds an example ECDH-ES Key Agreement computation.

The JSON Web Token (JWT) -11 draft adds a Nested JWT example — in which the claims are first signed, and then encrypted.

The drafts are available at:

HTML formatted versions are also available at:


OpenID Connect Presentation at IETF 87


OpenID Connect Server in a Nutshell

Leave a Reply

Powered by WordPress & Theme by Anders Norén