JSON Object Signing and Encryption (JOSE) -16 drafts have been published that address 45 editorial and minor issues. See the Document History sections for lists of the specific issues addressed. Thanks to Jim Schaad for again meeting with me in person to go over proposed text changes in my working drafts before these specifications were published.
One breaking change was made: When doing ECDH-ES key agreement, the AlgorithmID value used in the KDF computation now has a length prefix. So for instance, the representation of the “enc” value “A128GCM” is now prefixed by the number 7, represented as a 32-bit big-endian value, when used as the AlgorithmID value. (Such prefixes were already in place for the other variable-length KDF parameters.)
The drafts are available at:
- http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-16
- http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-16
- http://tools.ietf.org/html/draft-ietf-jose-json-web-key-16
- http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-16
HTML formatted versions are also available at:
Leave a Reply
You must be logged in to post a comment.