| < draft-ietf-jose-json-web-encryption-39.txt | draft-ietf-jose-json-web-encryption-40.txt > | |||
|---|---|---|---|---|
| JOSE Working Group M. Jones | JOSE Working Group M. Jones | |||
| Internet-Draft Microsoft | Internet-Draft Microsoft | |||
| Intended status: Standards Track J. Hildebrand | Intended status: Standards Track J. Hildebrand | |||
| Expires: July 3, 2015 Cisco | Expires: July 17, 2015 Cisco | |||
| December 30, 2014 | January 13, 2015 | |||
| JSON Web Encryption (JWE) | JSON Web Encryption (JWE) | |||
| draft-ietf-jose-json-web-encryption-39 | draft-ietf-jose-json-web-encryption-40 | |||
| Abstract | Abstract | |||
| JSON Web Encryption (JWE) represents encrypted content using | JSON Web Encryption (JWE) represents encrypted content using | |||
| JavaScript Object Notation (JSON) based data structures. | JavaScript Object Notation (JSON) based data structures. | |||
| Cryptographic algorithms and identifiers for use with this | Cryptographic algorithms and identifiers for use with this | |||
| specification are described in the separate JSON Web Algorithms (JWA) | specification are described in the separate JSON Web Algorithms (JWA) | |||
| specification and IANA registries defined by that specification. | specification and IANA registries defined by that specification. | |||
| Related digital signature and MAC capabilities are described in the | Related digital signature and MAC capabilities are described in the | |||
| separate JSON Web Signature (JWS) specification. | separate JSON Web Signature (JWS) specification. | |||
| skipping to change at page 1, line 37 ¶ | skipping to change at page 1, line 37 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on July 3, 2015. | This Internet-Draft will expire on July 17, 2015. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2014 IETF Trust and the persons identified as the | Copyright (c) 2015 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 1.1. Notational Conventions . . . . . . . . . . . . . . . . . . 5 | 1.1. Notational Conventions . . . . . . . . . . . . . . . . . . 5 | |||
| 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 3. JSON Web Encryption (JWE) Overview . . . . . . . . . . . . . . 8 | 3. JSON Web Encryption (JWE) Overview . . . . . . . . . . . . . . 8 | |||
| 3.1. JWE Compact Serialization Overview . . . . . . . . . . . . 9 | 3.1. JWE Compact Serialization Overview . . . . . . . . . . . . 9 | |||
| 3.2. JWE JSON Serialization Overview . . . . . . . . . . . . . 9 | 3.2. JWE JSON Serialization Overview . . . . . . . . . . . . . 9 | |||
| 3.3. Example JWE . . . . . . . . . . . . . . . . . . . . . . . 10 | 3.3. Example JWE . . . . . . . . . . . . . . . . . . . . . . . 10 | |||
| 4. JOSE Header . . . . . . . . . . . . . . . . . . . . . . . . . 11 | 4. JOSE Header . . . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 4.1. Registered Header Parameter Names . . . . . . . . . . . . 11 | 4.1. Registered Header Parameter Names . . . . . . . . . . . . 12 | |||
| 4.1.1. "alg" (Algorithm) Header Parameter . . . . . . . . . . 12 | 4.1.1. "alg" (Algorithm) Header Parameter . . . . . . . . . . 12 | |||
| 4.1.2. "enc" (Encryption Algorithm) Header Parameter . . . . 12 | 4.1.2. "enc" (Encryption Algorithm) Header Parameter . . . . 12 | |||
| 4.1.3. "zip" (Compression Algorithm) Header Parameter . . . . 12 | 4.1.3. "zip" (Compression Algorithm) Header Parameter . . . . 13 | |||
| 4.1.4. "jku" (JWK Set URL) Header Parameter . . . . . . . . . 13 | 4.1.4. "jku" (JWK Set URL) Header Parameter . . . . . . . . . 13 | |||
| 4.1.5. "jwk" (JSON Web Key) Header Parameter . . . . . . . . 13 | 4.1.5. "jwk" (JSON Web Key) Header Parameter . . . . . . . . 13 | |||
| 4.1.6. "kid" (Key ID) Header Parameter . . . . . . . . . . . 13 | 4.1.6. "kid" (Key ID) Header Parameter . . . . . . . . . . . 13 | |||
| 4.1.7. "x5u" (X.509 URL) Header Parameter . . . . . . . . . . 13 | 4.1.7. "x5u" (X.509 URL) Header Parameter . . . . . . . . . . 13 | |||
| 4.1.8. "x5c" (X.509 Certificate Chain) Header Parameter . . . 13 | 4.1.8. "x5c" (X.509 Certificate Chain) Header Parameter . . . 14 | |||
| 4.1.9. "x5t" (X.509 Certificate SHA-1 Thumbprint) Header | 4.1.9. "x5t" (X.509 Certificate SHA-1 Thumbprint) Header | |||
| Parameter . . . . . . . . . . . . . . . . . . . . . . 14 | Parameter . . . . . . . . . . . . . . . . . . . . . . 14 | |||
| 4.1.10. "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) | 4.1.10. "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) | |||
| Header Parameter . . . . . . . . . . . . . . . . . . . 14 | Header Parameter . . . . . . . . . . . . . . . . . . . 14 | |||
| 4.1.11. "typ" (Type) Header Parameter . . . . . . . . . . . . 14 | 4.1.11. "typ" (Type) Header Parameter . . . . . . . . . . . . 14 | |||
| 4.1.12. "cty" (Content Type) Header Parameter . . . . . . . . 14 | 4.1.12. "cty" (Content Type) Header Parameter . . . . . . . . 14 | |||
| 4.1.13. "crit" (Critical) Header Parameter . . . . . . . . . . 14 | 4.1.13. "crit" (Critical) Header Parameter . . . . . . . . . . 14 | |||
| 4.2. Public Header Parameter Names . . . . . . . . . . . . . . 14 | 4.2. Public Header Parameter Names . . . . . . . . . . . . . . 15 | |||
| 4.3. Private Header Parameter Names . . . . . . . . . . . . . . 15 | 4.3. Private Header Parameter Names . . . . . . . . . . . . . . 15 | |||
| 5. Producing and Consuming JWEs . . . . . . . . . . . . . . . . . 15 | 5. Producing and Consuming JWEs . . . . . . . . . . . . . . . . . 15 | |||
| 5.1. Message Encryption . . . . . . . . . . . . . . . . . . . . 15 | 5.1. Message Encryption . . . . . . . . . . . . . . . . . . . . 15 | |||
| 5.2. Message Decryption . . . . . . . . . . . . . . . . . . . . 17 | 5.2. Message Decryption . . . . . . . . . . . . . . . . . . . . 17 | |||
| 5.3. String Comparison Rules . . . . . . . . . . . . . . . . . 20 | 5.3. String Comparison Rules . . . . . . . . . . . . . . . . . 20 | |||
| 6. Key Identification . . . . . . . . . . . . . . . . . . . . . . 20 | 6. Key Identification . . . . . . . . . . . . . . . . . . . . . . 20 | |||
| 7. Serializations . . . . . . . . . . . . . . . . . . . . . . . . 20 | 7. Serializations . . . . . . . . . . . . . . . . . . . . . . . . 20 | |||
| 7.1. JWE Compact Serialization . . . . . . . . . . . . . . . . 20 | 7.1. JWE Compact Serialization . . . . . . . . . . . . . . . . 20 | |||
| 7.2. JWE JSON Serialization . . . . . . . . . . . . . . . . . . 21 | 7.2. JWE JSON Serialization . . . . . . . . . . . . . . . . . . 21 | |||
| 7.2.1. General JWE JSON Serialization Syntax . . . . . . . . 21 | 7.2.1. General JWE JSON Serialization Syntax . . . . . . . . 21 | |||
| 7.2.2. Flattened JWE JSON Serialization Syntax . . . . . . . 24 | 7.2.2. Flattened JWE JSON Serialization Syntax . . . . . . . 24 | |||
| 8. TLS Requirements . . . . . . . . . . . . . . . . . . . . . . . 24 | 8. TLS Requirements . . . . . . . . . . . . . . . . . . . . . . . 24 | |||
| 9. Distinguishing between JWS and JWE Objects . . . . . . . . . . 24 | 9. Distinguishing between JWS and JWE Objects . . . . . . . . . . 25 | |||
| 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 25 | 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 25 | |||
| 10.1. JSON Web Signature and Encryption Header Parameters | 10.1. JSON Web Signature and Encryption Header Parameters | |||
| Registration . . . . . . . . . . . . . . . . . . . . . . . 25 | Registration . . . . . . . . . . . . . . . . . . . . . . . 25 | |||
| 10.1.1. Registry Contents . . . . . . . . . . . . . . . . . . 25 | 10.1.1. Registry Contents . . . . . . . . . . . . . . . . . . 25 | |||
| 11. Security Considerations . . . . . . . . . . . . . . . . . . . 27 | 11. Security Considerations . . . . . . . . . . . . . . . . . . . 27 | |||
| 11.1. Key Entropy and Random Values . . . . . . . . . . . . . . 27 | 11.1. Key Entropy and Random Values . . . . . . . . . . . . . . 27 | |||
| 11.2. Key Protection . . . . . . . . . . . . . . . . . . . . . . 28 | 11.2. Key Protection . . . . . . . . . . . . . . . . . . . . . . 28 | |||
| 11.3. Using Matching Algorithm Strengths . . . . . . . . . . . . 28 | 11.3. Using Matching Algorithm Strengths . . . . . . . . . . . . 28 | |||
| 11.4. Adaptive Chosen-Ciphertext Attacks . . . . . . . . . . . . 28 | 11.4. Adaptive Chosen-Ciphertext Attacks . . . . . . . . . . . . 28 | |||
| 11.5. Timing Attacks . . . . . . . . . . . . . . . . . . . . . . 28 | 11.5. Timing Attacks . . . . . . . . . . . . . . . . . . . . . . 29 | |||
| 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 29 | 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 29 | |||
| 12.1. Normative References . . . . . . . . . . . . . . . . . . . 29 | 12.1. Normative References . . . . . . . . . . . . . . . . . . . 29 | |||
| 12.2. Informative References . . . . . . . . . . . . . . . . . . 29 | 12.2. Informative References . . . . . . . . . . . . . . . . . . 30 | |||
| Appendix A. JWE Examples . . . . . . . . . . . . . . . . . . . . 30 | Appendix A. JWE Examples . . . . . . . . . . . . . . . . . . . . 31 | |||
| A.1. Example JWE using RSAES OAEP and AES GCM . . . . . . . . . 31 | A.1. Example JWE using RSAES OAEP and AES GCM . . . . . . . . . 31 | |||
| A.1.1. JOSE Header . . . . . . . . . . . . . . . . . . . . . 31 | A.1.1. JOSE Header . . . . . . . . . . . . . . . . . . . . . 31 | |||
| A.1.2. Content Encryption Key (CEK) . . . . . . . . . . . . . 31 | A.1.2. Content Encryption Key (CEK) . . . . . . . . . . . . . 31 | |||
| A.1.3. Key Encryption . . . . . . . . . . . . . . . . . . . . 31 | A.1.3. Key Encryption . . . . . . . . . . . . . . . . . . . . 32 | |||
| A.1.4. Initialization Vector . . . . . . . . . . . . . . . . 33 | A.1.4. Initialization Vector . . . . . . . . . . . . . . . . 33 | |||
| A.1.5. Additional Authenticated Data . . . . . . . . . . . . 33 | A.1.5. Additional Authenticated Data . . . . . . . . . . . . 33 | |||
| A.1.6. Content Encryption . . . . . . . . . . . . . . . . . . 33 | A.1.6. Content Encryption . . . . . . . . . . . . . . . . . . 34 | |||
| A.1.7. Complete Representation . . . . . . . . . . . . . . . 34 | A.1.7. Complete Representation . . . . . . . . . . . . . . . 34 | |||
| A.1.8. Validation . . . . . . . . . . . . . . . . . . . . . . 34 | A.1.8. Validation . . . . . . . . . . . . . . . . . . . . . . 35 | |||
| A.2. Example JWE using RSAES-PKCS1-V1_5 and | A.2. Example JWE using RSAES-PKCS1-V1_5 and | |||
| AES_128_CBC_HMAC_SHA_256 . . . . . . . . . . . . . . . . . 35 | AES_128_CBC_HMAC_SHA_256 . . . . . . . . . . . . . . . . . 35 | |||
| A.2.1. JOSE Header . . . . . . . . . . . . . . . . . . . . . 35 | A.2.1. JOSE Header . . . . . . . . . . . . . . . . . . . . . 35 | |||
| A.2.2. Content Encryption Key (CEK) . . . . . . . . . . . . . 35 | A.2.2. Content Encryption Key (CEK) . . . . . . . . . . . . . 36 | |||
| A.2.3. Key Encryption . . . . . . . . . . . . . . . . . . . . 35 | A.2.3. Key Encryption . . . . . . . . . . . . . . . . . . . . 36 | |||
| A.2.4. Initialization Vector . . . . . . . . . . . . . . . . 37 | A.2.4. Initialization Vector . . . . . . . . . . . . . . . . 38 | |||
| A.2.5. Additional Authenticated Data . . . . . . . . . . . . 37 | A.2.5. Additional Authenticated Data . . . . . . . . . . . . 38 | |||
| A.2.6. Content Encryption . . . . . . . . . . . . . . . . . . 37 | A.2.6. Content Encryption . . . . . . . . . . . . . . . . . . 38 | |||
| A.2.7. Complete Representation . . . . . . . . . . . . . . . 38 | A.2.7. Complete Representation . . . . . . . . . . . . . . . 39 | |||
| A.2.8. Validation . . . . . . . . . . . . . . . . . . . . . . 38 | A.2.8. Validation . . . . . . . . . . . . . . . . . . . . . . 39 | |||
| A.3. Example JWE using AES Key Wrap and | A.3. Example JWE using AES Key Wrap and | |||
| AES_128_CBC_HMAC_SHA_256 . . . . . . . . . . . . . . . . . 39 | AES_128_CBC_HMAC_SHA_256 . . . . . . . . . . . . . . . . . 40 | |||
| A.3.1. JOSE Header . . . . . . . . . . . . . . . . . . . . . 39 | A.3.1. JOSE Header . . . . . . . . . . . . . . . . . . . . . 40 | |||
| A.3.2. Content Encryption Key (CEK) . . . . . . . . . . . . . 39 | A.3.2. Content Encryption Key (CEK) . . . . . . . . . . . . . 40 | |||
| A.3.3. Key Encryption . . . . . . . . . . . . . . . . . . . . 39 | A.3.3. Key Encryption . . . . . . . . . . . . . . . . . . . . 40 | |||
| A.3.4. Initialization Vector . . . . . . . . . . . . . . . . 40 | A.3.4. Initialization Vector . . . . . . . . . . . . . . . . 41 | |||
| A.3.5. Additional Authenticated Data . . . . . . . . . . . . 40 | A.3.5. Additional Authenticated Data . . . . . . . . . . . . 41 | |||
| A.3.6. Content Encryption . . . . . . . . . . . . . . . . . . 40 | A.3.6. Content Encryption . . . . . . . . . . . . . . . . . . 41 | |||
| A.3.7. Complete Representation . . . . . . . . . . . . . . . 41 | A.3.7. Complete Representation . . . . . . . . . . . . . . . 42 | |||
| A.3.8. Validation . . . . . . . . . . . . . . . . . . . . . . 41 | A.3.8. Validation . . . . . . . . . . . . . . . . . . . . . . 42 | |||
| A.4. Example JWE using General JWE JSON Serialization . . . . . 42 | A.4. Example JWE using General JWE JSON Serialization . . . . . 43 | |||
| A.4.1. JWE Per-Recipient Unprotected Headers . . . . . . . . 42 | A.4.1. JWE Per-Recipient Unprotected Headers . . . . . . . . 43 | |||
| A.4.2. JWE Protected Header . . . . . . . . . . . . . . . . . 42 | A.4.2. JWE Protected Header . . . . . . . . . . . . . . . . . 43 | |||
| A.4.3. JWE Unprotected Header . . . . . . . . . . . . . . . . 43 | A.4.3. JWE Unprotected Header . . . . . . . . . . . . . . . . 44 | |||
| A.4.4. Complete JOSE Header Values . . . . . . . . . . . . . 43 | A.4.4. Complete JOSE Header Values . . . . . . . . . . . . . 44 | |||
| A.4.5. Additional Authenticated Data . . . . . . . . . . . . 43 | A.4.5. Additional Authenticated Data . . . . . . . . . . . . 44 | |||
| A.4.6. Content Encryption . . . . . . . . . . . . . . . . . . 43 | A.4.6. Content Encryption . . . . . . . . . . . . . . . . . . 44 | |||
| A.4.7. Complete JWE JSON Serialization Representation . . . . 44 | A.4.7. Complete JWE JSON Serialization Representation . . . . 45 | |||
| A.5. Example JWE using Flattened JWE JSON Serialization . . . . 45 | A.5. Example JWE using Flattened JWE JSON Serialization . . . . 46 | |||
| Appendix B. Example AES_128_CBC_HMAC_SHA_256 Computation . . . . 45 | Appendix B. Example AES_128_CBC_HMAC_SHA_256 Computation . . . . 46 | |||
| B.1. Extract MAC_KEY and ENC_KEY from Key . . . . . . . . . . . 45 | B.1. Extract MAC_KEY and ENC_KEY from Key . . . . . . . . . . . 46 | |||
| B.2. Encrypt Plaintext to Create Ciphertext . . . . . . . . . . 46 | B.2. Encrypt Plaintext to Create Ciphertext . . . . . . . . . . 47 | |||
| B.3. 64 Bit Big Endian Representation of AAD Length . . . . . . 46 | B.3. 64 Bit Big Endian Representation of AAD Length . . . . . . 47 | |||
| B.4. Initialization Vector Value . . . . . . . . . . . . . . . 47 | B.4. Initialization Vector Value . . . . . . . . . . . . . . . 48 | |||
| B.5. Create Input to HMAC Computation . . . . . . . . . . . . . 47 | B.5. Create Input to HMAC Computation . . . . . . . . . . . . . 48 | |||
| B.6. Compute HMAC Value . . . . . . . . . . . . . . . . . . . . 47 | B.6. Compute HMAC Value . . . . . . . . . . . . . . . . . . . . 48 | |||
| B.7. Truncate HMAC Value to Create Authentication Tag . . . . . 47 | B.7. Truncate HMAC Value to Create Authentication Tag . . . . . 48 | |||
| Appendix C. Acknowledgements . . . . . . . . . . . . . . . . . . 47 | Appendix C. Acknowledgements . . . . . . . . . . . . . . . . . . 48 | |||
| Appendix D. Document History . . . . . . . . . . . . . . . . . . 48 | Appendix D. Document History . . . . . . . . . . . . . . . . . . 49 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 60 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 61 | |||
| 1. Introduction | 1. Introduction | |||
| JSON Web Encryption (JWE) represents encrypted content using | JSON Web Encryption (JWE) represents encrypted content using | |||
| JavaScript Object Notation (JSON) [RFC7159] based data structures. | JavaScript Object Notation (JSON) [RFC7159] based data structures. | |||
| The JWE cryptographic mechanisms encrypt and provide integrity | The JWE cryptographic mechanisms encrypt and provide integrity | |||
| protection for an arbitrary sequence of octets. | protection for an arbitrary sequence of octets. | |||
| Two closely related serializations for JWEs are defined. The JWE | Two closely related serializations for JWEs are defined. The JWE | |||
| Compact Serialization is a compact, URL-safe representation intended | Compact Serialization is a compact, URL-safe representation intended | |||
| skipping to change at page 5, line 42 ¶ | skipping to change at page 5, line 42 ¶ | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in Key | "OPTIONAL" in this document are to be interpreted as described in Key | |||
| words for use in RFCs to Indicate Requirement Levels [RFC2119]. If | words for use in RFCs to Indicate Requirement Levels [RFC2119]. If | |||
| these words are used without being spelled in uppercase then they are | these words are used without being spelled in uppercase then they are | |||
| to be interpreted with their normal natural language meanings. | to be interpreted with their normal natural language meanings. | |||
| BASE64URL(OCTETS) denotes the base64url encoding of OCTETS, per | BASE64URL(OCTETS) denotes the base64url encoding of OCTETS, per | |||
| Section 2 of [JWS]. | Section 2 of [JWS]. | |||
| UTF8(STRING) denotes the octets of the UTF-8 [RFC3629] representation | UTF8(STRING) denotes the octets of the UTF-8 [RFC3629] representation | |||
| of STRING. | of STRING, where STRING is a sequence of zero or more Unicode | |||
| [UNICODE] characters. | ||||
| ASCII(STRING) denotes the octets of the ASCII [RFC20] representation | ASCII(STRING) denotes the octets of the ASCII [RFC20] representation | |||
| of STRING. | of STRING, where STRING is a sequence of zero or more ASCII | |||
| characters. | ||||
| The concatenation of two values A and B is denoted as A || B. | The concatenation of two values A and B is denoted as A || B. | |||
| 2. Terminology | 2. Terminology | |||
| These terms defined by the JSON Web Signature (JWS) [JWS] | These terms defined by the JSON Web Signature (JWS) [JWS] | |||
| specification are incorporated into this specification: "JSON Web | specification are incorporated into this specification: "JSON Web | |||
| Signature (JWS)", "Base64url Encoding", "Collision-Resistant Name", | Signature (JWS)", "Base64url Encoding", "Collision-Resistant Name", | |||
| "Header Parameter", "JOSE Header", and "StringOrURI". | "Header Parameter", "JOSE Header", and "StringOrURI". | |||
| skipping to change at page 29, line 13 ¶ | skipping to change at page 29, line 20 ¶ | |||
| of receiving an improperly formatted key, that the recipient | of receiving an improperly formatted key, that the recipient | |||
| substitute a randomly generated CEK and proceed to the next step, to | substitute a randomly generated CEK and proceed to the next step, to | |||
| mitigate timing attacks. | mitigate timing attacks. | |||
| 12. References | 12. References | |||
| 12.1. Normative References | 12.1. Normative References | |||
| [JWA] Jones, M., "JSON Web Algorithms (JWA)", | [JWA] Jones, M., "JSON Web Algorithms (JWA)", | |||
| draft-ietf-jose-json-web-algorithms (work in progress), | draft-ietf-jose-json-web-algorithms (work in progress), | |||
| December 2014. | January 2015. | |||
| [JWK] Jones, M., "JSON Web Key (JWK)", | [JWK] Jones, M., "JSON Web Key (JWK)", | |||
| draft-ietf-jose-json-web-key (work in progress), | draft-ietf-jose-json-web-key (work in progress), | |||
| December 2014. | January 2015. | |||
| [JWS] Jones, M., Bradley, J., and N. Sakimura, "JSON Web | [JWS] Jones, M., Bradley, J., and N. Sakimura, "JSON Web | |||
| Signature (JWS)", draft-ietf-jose-json-web-signature (work | Signature (JWS)", draft-ietf-jose-json-web-signature (work | |||
| in progress), December 2014. | in progress), January 2015. | |||
| [RFC1951] Deutsch, P., "DEFLATE Compressed Data Format Specification | [RFC1951] Deutsch, P., "DEFLATE Compressed Data Format Specification | |||
| version 1.3", RFC 1951, May 1996. | version 1.3", RFC 1951, May 1996. | |||
| [RFC20] Cerf, V., "ASCII format for Network Interchange", RFC 20, | [RFC20] Cerf, V., "ASCII format for Network Interchange", RFC 20, | |||
| October 1969. | October 1969. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| skipping to change at page 29, line 46 ¶ | skipping to change at page 30, line 5 ¶ | |||
| RFC 4949, August 2007. | RFC 4949, August 2007. | |||
| [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | |||
| Housley, R., and W. Polk, "Internet X.509 Public Key | Housley, R., and W. Polk, "Internet X.509 Public Key | |||
| Infrastructure Certificate and Certificate Revocation List | Infrastructure Certificate and Certificate Revocation List | |||
| (CRL) Profile", RFC 5280, May 2008. | (CRL) Profile", RFC 5280, May 2008. | |||
| [RFC7159] Bray, T., "The JavaScript Object Notation (JSON) Data | [RFC7159] Bray, T., "The JavaScript Object Notation (JSON) Data | |||
| Interchange Format", RFC 7159, March 2014. | Interchange Format", RFC 7159, March 2014. | |||
| [UNICODE] The Unicode Consortium, "The Unicode Standard", 1991-, | ||||
| <http://www.unicode.org/versions/latest/>. | ||||
| 12.2. Informative References | 12.2. Informative References | |||
| [AES] National Institute of Standards and Technology (NIST), | [AES] National Institute of Standards and Technology (NIST), | |||
| "Advanced Encryption Standard (AES)", FIPS PUB 197, | "Advanced Encryption Standard (AES)", FIPS PUB 197, | |||
| November 2001. | November 2001. | |||
| [I-D.mcgrew-aead-aes-cbc-hmac-sha2] | [I-D.mcgrew-aead-aes-cbc-hmac-sha2] | |||
| McGrew, D., Foley, J., and K. Paterson, "Authenticated | McGrew, D., Foley, J., and K. Paterson, "Authenticated | |||
| Encryption with AES-CBC and HMAC-SHA", | Encryption with AES-CBC and HMAC-SHA", | |||
| draft-mcgrew-aead-aes-cbc-hmac-sha2-05 (work in progress), | draft-mcgrew-aead-aes-cbc-hmac-sha2-05 (work in progress), | |||
| skipping to change at page 48, line 34 ¶ | skipping to change at page 49, line 34 ¶ | |||
| Sakimura, Jim Schaad, Hannes Tschofenig, and Sean Turner. | Sakimura, Jim Schaad, Hannes Tschofenig, and Sean Turner. | |||
| Jim Schaad and Karen O'Donoghue chaired the JOSE working group and | Jim Schaad and Karen O'Donoghue chaired the JOSE working group and | |||
| Sean Turner, Stephen Farrell, and Kathleen Moriarty served as | Sean Turner, Stephen Farrell, and Kathleen Moriarty served as | |||
| Security area directors during the creation of this specification. | Security area directors during the creation of this specification. | |||
| Appendix D. Document History | Appendix D. Document History | |||
| [[ to be removed by the RFC Editor before publication as an RFC ]] | [[ to be removed by the RFC Editor before publication as an RFC ]] | |||
| -40 | ||||
| o Clarified the definitions of UTF8(STRING) and ASCII(STRING). | ||||
| -39 | -39 | |||
| o No changes were made, other than to the version number and date. | o No changes were made, other than to the version number and date. | |||
| -38 | -38 | |||
| o Replaced uses of the phrases "JWS object" and "JWE object" with | o Replaced uses of the phrases "JWS object" and "JWE object" with | |||
| "JWS" and "JWE". | "JWS" and "JWE". | |||
| o Added member names to the JWE JSON Serialization Overview. | o Added member names to the JWE JSON Serialization Overview. | |||
| End of changes. 25 change blocks. | ||||
| 58 lines changed or deleted | 67 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||