New versions of the IETF JSON Object Signing and Encryption (JOSE) specifications are now available that incorporate working group feedback since publication of the initial versions. They are:
- JSON Web Signature (JWS) – Digital signature/HMAC specification
- JSON Web Encryption (JWE) – Encryption specification
- JSON Web Key (JWK) – Public key specification
- JSON Web Algorithms (JWA) – Algorithms and identifiers specification
The most important changes are:
- Added a separate integrity check for encryption algorithms without an integral integrity check.
- Defined header parameters for including JWK public keys and X.509 certificate chains directly in the header.
See the Document History section in each specification for a more detailed list of changes.
Corresponding versions of the JSON Serialization specs, which use these JOSE drafts, are also available. Besides using JSON Serializations of the cryptographic results (rather than Compact Serializations using a series of base64url encoded values), these specifications also enable multiple digital signatures and/or HMACs to applied to the same message and enable the same plaintext to be encrypted to multiple recipients. They are:
- JSON Web Signature JSON Serialization (JWS-JS)
- JSON Web Encryption JSON Serialization (JWE-JS)
These specifications are available at:
- http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-01
- http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-01
- http://tools.ietf.org/html/draft-ietf-jose-json-web-key-01
- http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-01
- http://tools.ietf.org/html/draft-jones-json-web-signature-json-serialization-01
- http://tools.ietf.org/html/draft-jones-json-web-encryption-json-serialization-01
HTML formatted versions are available at:
- http://self-issued.info/docs/draft-ietf-jose-json-web-signature-01.html
- http://self-issued.info/docs/draft-ietf-jose-json-web-encryption-01.html
- http://self-issued.info/docs/draft-ietf-jose-json-web-key-01.html
- http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-01.html
- http://self-issued.info/docs/draft-jones-json-web-signature-json-serialization-01.html
- http://self-issued.info/docs/draft-jones-json-web-encryption-json-serialization-01.html
2 Comments » Posted under Cryptography & JSON & Specifications
2 Responses to “Draft -01 of JSON Crypto Specs: JWS, JWE, JWK, JWA, JWS-JS, JWE-JS”
Leave a Reply
You must be logged in to post a comment.
Mike Jones: self-issued » JSON Web Token (JWT) Specification Draft -08 on 12 Mar 2012 at 6:01 pm #
[…] Using Information Cards « Draft -01 of JSON Crypto Specs: JWS, JWE, JWK, JWA, JWS-JS, JWE-JS March 12, 2012 JSON Web Token (JWT) Specification Draft […]
Mike Jones – Microsoft: JSON Web Token (JWT) Specification Draft -08 « oracle fusion identity on 12 Mar 2012 at 6:20 pm #
[…] 08 of the JSON Web Token (JWT) specification has been published. It uses the -01 versions of the JOSE specifications and also contains these […]