idnits 2.17.1 draft-ietf-jose-json-web-key-18.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (November 12, 2013) is 3810 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Possible downref: Non-RFC (?) normative reference: ref. 'ECMAScript' -- Possible downref: Non-RFC (?) normative reference: ref. 'ITU.X690.1994' ** Downref: Normative reference to an Historic RFC: RFC 1421 ** Obsolete normative reference: RFC 2818 (Obsoleted by RFC 9110) ** Obsolete normative reference: RFC 4627 (Obsoleted by RFC 7158, RFC 7159) ** Obsolete normative reference: RFC 5226 (Obsoleted by RFC 8126) ** Obsolete normative reference: RFC 5246 (Obsoleted by RFC 8446) -- Possible downref: Non-RFC (?) normative reference: ref. 'USASCII' -- Obsolete informational reference (is this intentional?): RFC 3447 (Obsoleted by RFC 8017) Summary: 5 errors (**), 0 flaws (~~), 1 warning (==), 6 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 JOSE Working Group M. Jones 3 Internet-Draft Microsoft 4 Intended status: Standards Track November 12, 2013 5 Expires: May 16, 2014 7 JSON Web Key (JWK) 8 draft-ietf-jose-json-web-key-18 10 Abstract 12 A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data 13 structure that represents a cryptographic key. This specification 14 also defines a JSON Web Key Set (JWK Set) JSON data structure for 15 representing a set of JWKs. Cryptographic algorithms and identifiers 16 for use with this specification are described in the separate JSON 17 Web Algorithms (JWA) specification and IANA registries defined by 18 that specification. 20 Status of this Memo 22 This Internet-Draft is submitted in full conformance with the 23 provisions of BCP 78 and BCP 79. 25 Internet-Drafts are working documents of the Internet Engineering 26 Task Force (IETF). Note that other groups may also distribute 27 working documents as Internet-Drafts. The list of current Internet- 28 Drafts is at http://datatracker.ietf.org/drafts/current/. 30 Internet-Drafts are draft documents valid for a maximum of six months 31 and may be updated, replaced, or obsoleted by other documents at any 32 time. It is inappropriate to use Internet-Drafts as reference 33 material or to cite them other than as "work in progress." 35 This Internet-Draft will expire on May 16, 2014. 37 Copyright Notice 39 Copyright (c) 2013 IETF Trust and the persons identified as the 40 document authors. All rights reserved. 42 This document is subject to BCP 78 and the IETF Trust's Legal 43 Provisions Relating to IETF Documents 44 (http://trustee.ietf.org/license-info) in effect on the date of 45 publication of this document. Please review these documents 46 carefully, as they describe your rights and restrictions with respect 47 to this document. Code Components extracted from this document must 48 include Simplified BSD License text as described in Section 4.e of 49 the Trust Legal Provisions and are provided without warranty as 50 described in the Simplified BSD License. 52 Table of Contents 54 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 55 1.1. Notational Conventions . . . . . . . . . . . . . . . . . . 4 56 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 57 3. JSON Web Key (JWK) Format . . . . . . . . . . . . . . . . . . 5 58 3.1. "kty" (Key Type) Parameter . . . . . . . . . . . . . . . . 5 59 3.2. "use" (Key Use) Parameter . . . . . . . . . . . . . . . . 6 60 3.3. "alg" (Algorithm) Parameter . . . . . . . . . . . . . . . 6 61 3.4. "kid" (Key ID) Parameter . . . . . . . . . . . . . . . . . 6 62 3.5. "x5u" (X.509 URL) Parameter . . . . . . . . . . . . . . . 7 63 3.6. "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter . . . 7 64 3.7. "x5c" (X.509 Certificate Chain) Parameter . . . . . . . . 8 65 4. JSON Web Key Set (JWK Set) Format . . . . . . . . . . . . . . 8 66 4.1. "keys" Parameter . . . . . . . . . . . . . . . . . . . . . 9 67 5. String Comparison Rules . . . . . . . . . . . . . . . . . . . 9 68 6. Encrypted JWK and Encrypted JWK Set Formats . . . . . . . . . 9 69 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 70 7.1. JSON Web Key Parameters Registry . . . . . . . . . . . . . 10 71 7.1.1. Registration Template . . . . . . . . . . . . . . . . 11 72 7.1.2. Initial Registry Contents . . . . . . . . . . . . . . 11 73 7.2. JSON Web Key Use Registry . . . . . . . . . . . . . . . . 13 74 7.2.1. Registration Template . . . . . . . . . . . . . . . . 13 75 7.2.2. Initial Registry Contents . . . . . . . . . . . . . . 13 76 7.3. JSON Web Key Set Parameters Registry . . . . . . . . . . . 14 77 7.3.1. Registration Template . . . . . . . . . . . . . . . . 14 78 7.3.2. Initial Registry Contents . . . . . . . . . . . . . . 14 79 7.4. Media Type Registration . . . . . . . . . . . . . . . . . 14 80 7.4.1. Registry Contents . . . . . . . . . . . . . . . . . . 14 81 8. Security Considerations . . . . . . . . . . . . . . . . . . . 15 82 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 16 83 9.1. Normative References . . . . . . . . . . . . . . . . . . . 16 84 9.2. Informative References . . . . . . . . . . . . . . . . . . 18 85 Appendix A. Example JSON Web Key Sets . . . . . . . . . . . . . . 18 86 A.1. Example Public Keys . . . . . . . . . . . . . . . . . . . 18 87 A.2. Example Private Keys . . . . . . . . . . . . . . . . . . . 19 88 A.3. Example Symmetric Keys . . . . . . . . . . . . . . . . . . 21 89 Appendix B. Example Use of "x5c" (X.509 Certificate Chain) 90 Parameter . . . . . . . . . . . . . . . . . . . . . . 21 91 Appendix C. Example Encrypted RSA Private Key . . . . . . . . . . 22 92 C.1. Plaintext RSA Private Key . . . . . . . . . . . . . . . . 23 93 C.2. JWE Header . . . . . . . . . . . . . . . . . . . . . . . . 26 94 C.3. Content Encryption Key (CEK) . . . . . . . . . . . . . . . 26 95 C.4. Key Encryption . . . . . . . . . . . . . . . . . . . . . . 27 96 C.5. Initialization Vector . . . . . . . . . . . . . . . . . . 27 97 C.6. Additional Authenticated Data . . . . . . . . . . . . . . 27 98 C.7. Content Encryption . . . . . . . . . . . . . . . . . . . . 28 99 C.8. Complete Representation . . . . . . . . . . . . . . . . . 31 100 Appendix D. Acknowledgements . . . . . . . . . . . . . . . . . . 32 101 Appendix E. Document History . . . . . . . . . . . . . . . . . . 33 102 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 37 104 1. Introduction 106 A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) [RFC4627] 107 data structure that represents a cryptographic key. This 108 specification also defines a JSON Web Key Set (JWK Set) JSON data 109 structure for representing a set of JWKs. Cryptographic algorithms 110 and identifiers for use with this specification are described in the 111 separate JSON Web Algorithms (JWA) [JWA] specification and IANA 112 registries defined by that specification. 114 Goals for this specification do not include representing certificate 115 chains, representing certified keys, and replacing X.509 116 certificates. 118 JWKs and JWK Sets are used in the JSON Web Signature (JWS) [JWS] and 119 JSON Web Encryption (JWE) [JWE] specifications. 121 Names defined by this specification are short because a core goal is 122 for the resulting representations to be compact. 124 1.1. Notational Conventions 126 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 127 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 128 document are to be interpreted as described in Key words for use in 129 RFCs to Indicate Requirement Levels [RFC2119]. If these words are 130 used without being spelled in uppercase then they are to be 131 interpreted with their normal natural language meanings. 133 BASE64URL(OCTETS) denotes the base64url encoding of OCTETS, per 134 Section 2. 136 UTF8(STRING) denotes the octets of the UTF-8 [RFC3629] representation 137 of STRING. 139 ASCII(STRING) denotes the octets of the ASCII [USASCII] 140 representation of STRING. 142 The concatenation of two values A and B is denoted as A || B. 144 2. Terminology 146 These terms defined by the JSON Web Signature (JWS) [JWS] 147 specification are incorporated into this specification: "Base64url 148 Encoding" and "Collision-Resistant Name". 150 These terms are defined for use by this specification: 152 JSON Web Key (JWK) A JSON object that represents a cryptographic 153 key. 155 JSON Web Key Set (JWK Set) A JSON object that contains an array of 156 JWKs as the value of its "keys" member. 158 3. JSON Web Key (JWK) Format 160 A JSON Web Key (JWK) is a JSON object. The members of the object 161 represent properties of the key, including its value. This document 162 defines the key parameters that are not algorithm specific, and thus 163 common to many keys. 165 In addition to the common parameters, each JWK will have members that 166 are specific to the kind of key being represented. These members 167 represent the parameters of the key. Section 6 of the JSON Web 168 Algorithms (JWA) [JWA] specification defines multiple kinds of 169 cryptographic keys and their associated members. 171 The member names within a JWK MUST be unique; recipients MUST either 172 reject JWKs with duplicate member names or use a JSON parser that 173 returns only the lexically last duplicate member name, as specified 174 in Section 15.12 (The JSON Object) of ECMAScript 5.1 [ECMAScript]. 176 Additional members can be present in the JWK. If not understood by 177 implementations encountering them, they MUST be ignored. Member 178 names used for representing key parameters for different keys types 179 need not be distinct. Any new member name should either be 180 registered in the IANA JSON Web Key Parameters registry defined in 181 Section 7.1 or be a value that contains a Collision-Resistant Name. 183 3.1. "kty" (Key Type) Parameter 185 The "kty" (key type) member identifies the cryptographic algorithm 186 family used with the key. "kty" values should either be registered in 187 the IANA JSON Web Key Types registry defined in [JWA] or be a value 188 that contains a Collision-Resistant Name. The "kty" value is a case- 189 sensitive string. This member MUST be present in a JWK. 191 A list of defined "kty" values can be found in the IANA JSON Web Key 192 Types registry defined in [JWA]; the initial contents of this 193 registry are the values defined in Section 6.1 of the JSON Web 194 Algorithms (JWA) [JWA] specification. 196 The key type definitions include specification of the members to be 197 used for those key types. Additional members used with "kty" values 198 can also be found in the IANA JSON Web Key Parameters registry 199 defined in Section 7.1. 201 3.2. "use" (Key Use) Parameter 203 The "use" (key use) member identifies the intended use of the key. 204 Values defined by this specification are: 206 o "sig" (signature or MAC) 208 o "enc" (encryption) 210 Other values MAY be used. Key Use values can be registered in the 211 IANA JSON Web Key Use registry defined in Section 7.2. The "use" 212 value is a case-sensitive string. A "use" member SHOULD be present, 213 unless the application uses another means or convention to determine 214 the intended key usage. 216 When a key is used to wrap another key and a key use designation for 217 the first key is desired, the "enc" (encryption) key use value SHOULD 218 be used, since key wrapping is a kind of encryption. (The "alg" 219 member can be used to specify the particular kind of encryption to be 220 performed, when desired.) 222 3.3. "alg" (Algorithm) Parameter 224 The "alg" (algorithm) member identifies the algorithm intended for 225 use with the key. The values used should either be registered in the 226 IANA JSON Web Signature and Encryption Algorithms registry defined in 227 [JWA] or be a value that contains a Collision-Resistant Name. Use of 228 this member is OPTIONAL. 230 3.4. "kid" (Key ID) Parameter 232 The "kid" (key ID) member can be used to match a specific key. This 233 can be used, for instance, to choose among a set of keys within a JWK 234 Set during key rollover. The structure of the "kid" value is 235 unspecified. When "kid" values are used within a JWK Set, different 236 keys within the JWK Set SHOULD use distinct "kid" values. (One 237 example in which different keys might use the same "kid" value is if 238 they have different "kty" (key type) values but are considered to be 239 equivalent alternatives by the application using them.) The "kid" 240 value is a case-sensitive string. Use of this member is OPTIONAL. 242 When used with JWS or JWE, the "kid" value is used to match a JWS or 243 JWE "kid" Header Parameter value. 245 3.5. "x5u" (X.509 URL) Parameter 247 The "x5u" (X.509 URL) member is a URI [RFC3986] that refers to a 248 resource for an X.509 public key certificate or certificate chain 249 [RFC5280]. The identified resource MUST provide a representation of 250 the certificate or certificate chain that conforms to RFC 5280 251 [RFC5280] in PEM encoded form [RFC1421]. The key in the first 252 certificate MUST match the public key represented by other members of 253 the JWK. The protocol used to acquire the resource MUST provide 254 integrity protection; an HTTP GET request to retrieve the certificate 255 MUST use TLS [RFC2818] [RFC5246]; the identity of the server MUST be 256 validated, as per Section 3.1 of HTTP Over TLS [RFC2818]. Use of 257 this member is OPTIONAL. 259 While there is no requirement that members other than those 260 representing the public key be populated when an "x5u" member is 261 present, doing so may improve interoperability for applications that 262 do not handle PKIX certificates. If other members are present, the 263 contents of those members MUST be semantically consistent with the 264 related fields in the first certificate. For instance, if the "use" 265 member is present, then it needs to allow for only a subset of the 266 usages that are permitted by the certificate. Similarly, if the 267 "alg" member is present, it should represent an algorithm that the 268 certificate allows. 270 3.6. "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter 272 The "x5t" (X.509 Certificate SHA-1 Thumbprint) member is a base64url 273 encoded SHA-1 thumbprint (a.k.a. digest) of the DER encoding of an 274 X.509 certificate [RFC5280]. The key in the certificate MUST match 275 the public key represented by other members of the JWK. Use of this 276 member is OPTIONAL. 278 If, in the future, certificate thumbprints need to be computed using 279 hash functions other than SHA-1, it is suggested that additional 280 related JWK parameters be defined for that purpose. For example, it 281 is suggested that a new "x5t#S256" (X.509 Certificate Thumbprint 282 using SHA-256) JWK parameter could be defined by registering it in 283 the IANA JSON Web Key Parameters registry defined in Section 7.1. 285 As with the "x5u" member, members other than those representing the 286 public key may also be populated when an "x5t" member is present. If 287 other members are present, the contents of those members MUST be 288 semantically consistent with the related fields in the referenced 289 certificate. See the last paragraph of Section 3.5 for additional 290 guidance on this. 292 3.7. "x5c" (X.509 Certificate Chain) Parameter 294 The "x5c" (X.509 Certificate Chain) member contains a chain of one or 295 more PKIX certificates [RFC5280]. The certificate chain is 296 represented as a JSON array of certificate value strings. Each 297 string in the array is a base64 encoded ([RFC4648] Section 4 -- not 298 base64url encoded) DER [ITU.X690.1994] PKIX certificate value. The 299 PKIX certificate containing the key value MUST be the first 300 certificate. This MAY be followed by additional certificates, with 301 each subsequent certificate being the one used to certify the 302 previous one. The key in the first certificate MUST match the public 303 key represented by other members of the JWK. Use of this member is 304 OPTIONAL. 306 As with the "x5u" member, members other than those representing the 307 public key may also be populated when an "x5c" member is present. If 308 other members are present, the contents of those members MUST be 309 semantically consistent with the related fields in the first 310 certificate. See the last paragraph of Section 3.5 for additional 311 guidance on this. 313 4. JSON Web Key Set (JWK Set) Format 315 A JSON Web Key Set (JWK Set) is a JSON object representing a set of 316 JWKs. The JSON object MUST have a "keys" member, which is an array 317 of JWK objects. 319 The member names within a JWK Set MUST be unique; recipients MUST 320 either reject JWK Sets with duplicate member names or use a JSON 321 parser that returns only the lexically last duplicate member name, as 322 specified in Section 15.12 (The JSON Object) of ECMAScript 5.1 323 [ECMAScript]. 325 Additional members can be present in the JWK Set. If not understood 326 by implementations encountering them, they MUST be ignored. 327 Parameters for representing additional properties of JWK Sets should 328 either be registered in the IANA JSON Web Key Set Parameters registry 329 defined in Section 7.3 or be a value that contains a Collision- 330 Resistant Name. 332 Implementations SHOULD ignore JWKs within a JWK Set that use "kty" 333 (key type) values that are not understood by them, are missing 334 required members, or for which values are out of the supported 335 ranges. 337 4.1. "keys" Parameter 339 The value of the "keys" member is an array of JWK values. By 340 default, the order of the JWK values within the array does not imply 341 an order of preference among them, although applications of JWK Sets 342 can choose to assign a meaning to the order for their purposes, if 343 desired. This member MUST be present in a JWK Set. 345 5. String Comparison Rules 347 The string comparison rules for this specification are the same as 348 those defined in Section 5.3 of [JWS]. 350 6. Encrypted JWK and Encrypted JWK Set Formats 352 JWKs containing non-public key material will need to be encrypted in 353 some contexts to prevent the disclosure of private or symmetric key 354 values to unintended parties. The use of an Encrypted JWK, which is 355 a JWE with the UTF-8 encoding of a JWK as its plaintext value, is 356 recommended for this purpose. The processing of Encrypted JWKs is 357 identical to the processing of other JWEs. A "cty" (content type) 358 Header Parameter value of "jwk+json" MUST be used to indicate that 359 the content of the JWE is a JWK, unless the application knows that 360 the encrypted content is a JWK by another means or convention. 362 JWK Sets containing non-public key material will similarly need to be 363 encrypted. The use of an Encrypted JWK Set, which is a JWE with the 364 UTF-8 encoding of a JWK Set as its plaintext value, is recommended 365 for this purpose. The processing of Encrypted JWK Sets is identical 366 to the processing of other JWEs. A "cty" (content type) Header 367 Parameter value of "jwk-set+json" MUST be used to indicate that the 368 content of the JWE is a JWK Set, unless the application knows that 369 the encrypted content is a JWK Set by another means or convention. 371 See Appendix C for an example encrypted JWK. 373 7. IANA Considerations 375 The following registration procedure is used for all the registries 376 established by this specification. 378 Values are registered with a Specification Required [RFC5226] after a 379 two-week review period on the [TBD]@ietf.org mailing list, on the 380 advice of one or more Designated Experts. However, to allow for the 381 allocation of values prior to publication, the Designated Expert(s) 382 may approve registration once they are satisfied that such a 383 specification will be published. 385 Registration requests must be sent to the [TBD]@ietf.org mailing list 386 for review and comment, with an appropriate subject (e.g., "Request 387 for access token type: example"). [[ Note to the RFC Editor: The name 388 of the mailing list should be determined in consultation with the 389 IESG and IANA. Suggested name: jose-reg-review. ]] 391 Within the review period, the Designated Expert(s) will either 392 approve or deny the registration request, communicating this decision 393 to the review list and IANA. Denials should include an explanation 394 and, if applicable, suggestions as to how to make the request 395 successful. Registration requests that are undetermined for a period 396 longer than 21 days can be brought to the IESG's attention (using the 397 iesg@iesg.org mailing list) for resolution. 399 Criteria that should be applied by the Designated Expert(s) includes 400 determining whether the proposed registration duplicates existing 401 functionality, determining whether it is likely to be of general 402 applicability or whether it is useful only for a single application, 403 and whether the registration makes sense. 405 IANA must only accept registry updates from the Designated Expert(s) 406 and should direct all requests for registration to the review mailing 407 list. 409 It is suggested that multiple Designated Experts be appointed who are 410 able to represent the perspectives of different applications using 411 this specification, in order to enable broadly-informed review of 412 registration decisions. In cases where a registration decision could 413 be perceived as creating a conflict of interest for a particular 414 Expert, that Expert should defer to the judgment of the other 415 Expert(s). 417 7.1. JSON Web Key Parameters Registry 419 This specification establishes the IANA JSON Web Key Parameters 420 registry for JWK parameter names. The registry records the parameter 421 name, the key type(s) that the parameter is used with, and a 422 reference to the specification that defines it. It also records 423 whether the parameter conveys public or private information. This 424 specification registers the parameter names defined in Section 3. 425 The same JWK parameter name may be registered multiple times, 426 provided that duplicate parameter registrations are only for key type 427 specific JWK parameters; in this case, the meaning of the duplicate 428 parameter name is disambiguated by the "kty" value of the JWK 429 containing it. 431 7.1.1. Registration Template 433 Parameter Name: 434 The name requested (e.g., "example"). Because a core goal of this 435 specification is for the resulting representations to be compact, 436 it is RECOMMENDED that the name be short -- not to exceed 8 437 characters without a compelling reason to do so. This name is 438 case-sensitive. Names may not match other registered names in a 439 case-insensitive manner unless the Designated Expert(s) state that 440 there is a compelling reason to allow an exception in this 441 particular case. However, matching names may be registered, 442 provided that the accompanying sets of "kty" values that the 443 Parameter Name is used with are disjoint; for the purposes of 444 matching "kty" values, "*" matches all values. 446 Parameter Description: 447 Brief description of the parameter (e.g., "Example description"). 449 Used with "kty" Value(s): 450 The key type parameter value(s) that the parameter name is to be 451 used with, or the value "*" if the parameter value is used with 452 all key types. Values may not match other registered "kty" values 453 in a case-insensitive manner when the registered Parameter Name is 454 the same (including when the Parameter Name matches in a case- 455 insensitive manner) unless the Designated Expert(s) state that 456 there is a compelling reason to allow an exception in this 457 particular case. 459 Parameter Information Class: 460 Registers whether the parameter conveys public or private 461 information. Its value must be one the words Public or Private. 463 Change Controller: 464 For Standards Track RFCs, state "IESG". For others, give the name 465 of the responsible party. Other details (e.g., postal address, 466 email address, home page URI) may also be included. 468 Specification Document(s): 469 Reference to the document(s) that specify the parameter, 470 preferably including URI(s) that can be used to retrieve copies of 471 the document(s). An indication of the relevant sections may also 472 be included but is not required. 474 7.1.2. Initial Registry Contents 476 o Parameter Name: "kty" 477 o Parameter Description: Key Type 478 o Used with "kty" Value(s): * 479 o Parameter Information Class: Public 480 o Change Controller: IESG 481 o Specification Document(s): Section 3.1 of [[ this document ]] 483 o Parameter Name: "use" 484 o Parameter Description: Key Use 485 o Used with "kty" Value(s): * 486 o Parameter Information Class: Public 487 o Change Controller: IESG 488 o Specification Document(s): Section 3.2 of [[ this document ]] 490 o Parameter Name: "alg" 491 o Parameter Description: Algorithm 492 o Used with "kty" Value(s): * 493 o Parameter Information Class: Public 494 o Change Controller: IESG 495 o Specification Document(s): Section 3.3 of [[ this document ]] 497 o Parameter Name: "kid" 498 o Parameter Description: Key ID 499 o Used with "kty" Value(s): * 500 o Parameter Information Class: Public 501 o Change Controller: IESG 502 o Specification Document(s): Section 3.4 of [[ this document ]] 504 o Parameter Name: "x5u" 505 o Parameter Description: X.509 URL 506 o Used with "kty" Value(s): * 507 o Parameter Information Class: Public 508 o Change Controller: IESG 509 o Specification Document(s): Section 3.5 of [[ this document ]] 511 o Parameter Name: "x5t" 512 o Parameter Description: X.509 Certificate SHA-1 Thumbprint 513 o Used with "kty" Value(s): * 514 o Parameter Information Class: Public 515 o Change Controller: IESG 516 o Specification Document(s): Section 3.6 of [[ this document ]] 518 o Parameter Name: "x5c" 519 o Parameter Description: X.509 Certificate Chain 520 o Used with "kty" Value(s): * 521 o Parameter Information Class: Public 522 o Change Controller: IESG 523 o Specification Document(s): Section 3.7 of [[ this document ]] 525 7.2. JSON Web Key Use Registry 527 This specification establishes the IANA JSON Web Key Use registry for 528 JWK "use" member values. The registry records the key use value and 529 a reference to the specification that defines it. This specification 530 registers the parameter names defined in Section 3.2. 532 7.2.1. Registration Template 534 Use Member Value: 535 The name requested (e.g., "example"). Because a core goal of this 536 specification is for the resulting representations to be compact, 537 it is RECOMMENDED that the name be short -- not to exceed 8 538 characters without a compelling reason to do so. This name is 539 case-sensitive. Names may not match other registered names in a 540 case-insensitive manner unless the Designated Expert(s) state that 541 there is a compelling reason to allow an exception in this 542 particular case. 544 Use Description: 545 Brief description of the use (e.g., "Example description"). 547 Change Controller: 548 For Standards Track RFCs, state "IESG". For others, give the name 549 of the responsible party. Other details (e.g., postal address, 550 email address, home page URI) may also be included. 552 Specification Document(s): 553 Reference to the document(s) that specify the parameter, 554 preferably including URI(s) that can be used to retrieve copies of 555 the document(s). An indication of the relevant sections may also 556 be included but is not required. 558 7.2.2. Initial Registry Contents 560 o Use Member Value: "sig" 561 o Use Description: Signature or MAC 562 o Change Controller: IESG 563 o Specification Document(s): Section 3.2 of [[ this document ]] 565 o Use Member Value: "enc" 566 o Use Description: Encryption 567 o Change Controller: IESG 568 o Specification Document(s): Section 3.2 of [[ this document ]] 570 7.3. JSON Web Key Set Parameters Registry 572 This specification establishes the IANA JSON Web Key Set Parameters 573 registry for JWK Set parameter names. The registry records the 574 parameter name and a reference to the specification that defines it. 575 This specification registers the parameter names defined in 576 Section 4. 578 7.3.1. Registration Template 580 Parameter Name: 581 The name requested (e.g., "example"). Because a core goal of this 582 specification is for the resulting representations to be compact, 583 it is RECOMMENDED that the name be short -- not to exceed 8 584 characters without a compelling reason to do so. This name is 585 case-sensitive. Names may not match other registered names in a 586 case-insensitive manner unless the Designated Expert(s) state that 587 there is a compelling reason to allow an exception in this 588 particular case. 590 Parameter Description: 591 Brief description of the parameter (e.g., "Example description"). 593 Change Controller: 594 For Standards Track RFCs, state "IESG". For others, give the name 595 of the responsible party. Other details (e.g., postal address, 596 email address, home page URI) may also be included. 598 Specification Document(s): 599 Reference to the document(s) that specify the parameter, 600 preferably including URI(s) that can be used to retrieve copies of 601 the document(s). An indication of the relevant sections may also 602 be included but is not required. 604 7.3.2. Initial Registry Contents 606 o Parameter Name: "keys" 607 o Parameter Description: Array of JWK values 608 o Change Controller: IESG 609 o Specification Document(s): Section 4.1 of [[ this document ]] 611 7.4. Media Type Registration 613 7.4.1. Registry Contents 615 This specification registers the "application/jwk+json" and 616 "application/jwk-set+json" Media Types [RFC2046] in the MIME Media 617 Types registry [IANA.MediaTypes], which can be used to indicate, 618 respectively, that the content is a JWK or a JWK Set. 620 o Type Name: application 621 o Subtype Name: jwk+json 622 o Required Parameters: n/a 623 o Optional Parameters: n/a 624 o Encoding considerations: 8bit; application/jwk+json values are 625 represented as JSON object; UTF-8 encoding SHOULD be employed for 626 the JSON object. 627 o Security Considerations: See the Security Considerations section 628 of [[ this document ]] 629 o Interoperability Considerations: n/a 630 o Published Specification: [[ this document ]] 631 o Applications that use this media type: TBD 632 o Additional Information: Magic number(s): n/a, File extension(s): 633 n/a, Macintosh file type code(s): n/a 634 o Person & email address to contact for further information: Michael 635 B. Jones, mbj@microsoft.com 636 o Intended Usage: COMMON 637 o Restrictions on Usage: none 638 o Author: Michael B. Jones, mbj@microsoft.com 639 o Change Controller: IESG 641 o Type Name: application 642 o Subtype Name: jwk-set+json 643 o Required Parameters: n/a 644 o Optional Parameters: n/a 645 o Encoding considerations: 8bit; application/jwk-set+json values are 646 represented as a JSON Object; UTF-8 encoding SHOULD be employed 647 for the JSON object. 648 o Security Considerations: See the Security Considerations section 649 of [[ this document ]] 650 o Interoperability Considerations: n/a 651 o Published Specification: [[ this document ]] 652 o Applications that use this media type: TBD 653 o Additional Information: Magic number(s): n/a, File extension(s): 654 n/a, Macintosh file type code(s): n/a 655 o Person & email address to contact for further information: Michael 656 B. Jones, mbj@microsoft.com 657 o Intended Usage: COMMON 658 o Restrictions on Usage: none 659 o Author: Michael B. Jones, mbj@microsoft.com 660 o Change Controller: IESG 662 8. Security Considerations 664 All of the security issues faced by any cryptographic application 665 must be faced by a JWS/JWE/JWK agent. Among these issues are 666 protecting the user's private and symmetric keys, preventing various 667 attacks, and helping the user avoid mistakes such as inadvertently 668 encrypting a message for the wrong recipient. The entire list of 669 security considerations is beyond the scope of this document, but 670 some significant considerations are listed here. 672 One should place no more trust in the data associated with a key than 673 in than the method by which it was obtained and in the 674 trustworthiness of the entity asserting an association with the key. 675 Any data associated with a key that is obtained in an untrusted 676 manner should be treated with skepticism. 678 Private and symmetric keys MUST be protected from disclosure to 679 unintended parties. One recommended means of doing so is to encrypt 680 JWKs or JWK Sets containing them by using the JWK or JWK Set value as 681 the plaintext of a JWE. 683 The security considerations in RFC 3447 [RFC3447] and RFC 6030 684 [RFC6030] about protecting private and symmetric keys, key usage, and 685 information leakage also apply to this specification. 687 The security considerations in XML DSIG 2.0 688 [W3C.CR-xmldsig-core2-20120124], about key representations also apply 689 to this specification, other than those that are XML specific. 691 The TLS Requirements in [JWS] also apply to this specification. 693 9. References 695 9.1. Normative References 697 [ECMAScript] 698 Ecma International, "ECMAScript Language Specification, 699 5.1 Edition", ECMA 262, June 2011. 701 [IANA.MediaTypes] 702 Internet Assigned Numbers Authority (IANA), "MIME Media 703 Types", 2005. 705 [ITU.X690.1994] 706 International Telecommunications Union, "Information 707 Technology - ASN.1 encoding rules: Specification of Basic 708 Encoding Rules (BER), Canonical Encoding Rules (CER) and 709 Distinguished Encoding Rules (DER)", ITU-T Recommendation 710 X.690, 1994. 712 [JWA] Jones, M., "JSON Web Algorithms (JWA)", 713 draft-ietf-jose-json-web-algorithms (work in progress), 714 November 2013. 716 [JWE] Jones, M., Rescorla, E., and J. Hildebrand, "JSON Web 717 Encryption (JWE)", draft-ietf-jose-json-web-encryption 718 (work in progress), November 2013. 720 [JWS] Jones, M., Bradley, J., and N. Sakimura, "JSON Web 721 Signature (JWS)", draft-ietf-jose-json-web-signature (work 722 in progress), November 2013. 724 [RFC1421] Linn, J., "Privacy Enhancement for Internet Electronic 725 Mail: Part I: Message Encryption and Authentication 726 Procedures", RFC 1421, February 1993. 728 [RFC2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail 729 Extensions (MIME) Part Two: Media Types", RFC 2046, 730 November 1996. 732 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 733 Requirement Levels", BCP 14, RFC 2119, March 1997. 735 [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000. 737 [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO 738 10646", STD 63, RFC 3629, November 2003. 740 [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform 741 Resource Identifier (URI): Generic Syntax", STD 66, 742 RFC 3986, January 2005. 744 [RFC4627] Crockford, D., "The application/json Media Type for 745 JavaScript Object Notation (JSON)", RFC 4627, July 2006. 747 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data 748 Encodings", RFC 4648, October 2006. 750 [RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an 751 IANA Considerations Section in RFCs", BCP 26, RFC 5226, 752 May 2008. 754 [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security 755 (TLS) Protocol Version 1.2", RFC 5246, August 2008. 757 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 758 Housley, R., and W. Polk, "Internet X.509 Public Key 759 Infrastructure Certificate and Certificate Revocation List 760 (CRL) Profile", RFC 5280, May 2008. 762 [USASCII] American National Standards Institute, "Coded Character 763 Set -- 7-bit American Standard Code for Information 764 Interchange", ANSI X3.4, 1986. 766 [W3C.CR-xmldsig-core2-20120124] 767 Eastlake, D., Reagle, J., Yiu, K., Solo, D., Datta, P., 768 Hirsch, F., Cantor, S., and T. Roessler, "XML Signature 769 Syntax and Processing Version 2.0", World Wide Web 770 Consortium CR CR-xmldsig-core2-20120124, January 2012, 771 . 773 9.2. Informative References 775 [MagicSignatures] 776 Panzer (editor), J., Laurie, B., and D. Balfanz, "Magic 777 Signatures", January 2011. 779 [RFC3447] Jonsson, J. and B. Kaliski, "Public-Key Cryptography 780 Standards (PKCS) #1: RSA Cryptography Specifications 781 Version 2.1", RFC 3447, February 2003. 783 [RFC6030] Hoyer, P., Pei, M., and S. Machani, "Portable Symmetric 784 Key Container (PSKC)", RFC 6030, October 2010. 786 Appendix A. Example JSON Web Key Sets 788 A.1. Example Public Keys 790 The following example JWK Set contains two public keys represented as 791 JWKs: one using an Elliptic Curve algorithm and a second one using an 792 RSA algorithm. The first specifies that the key is to be used for 793 encryption. The second specifies that the key is to be used with the 794 "RS256" algorithm. Both provide a Key ID for key matching purposes. 795 In both cases, integers are represented using the base64url encoding 796 of their big endian representations. (Long lines are broken are for 797 display purposes only.) 798 {"keys": 799 [ 800 {"kty":"EC", 801 "crv":"P-256", 802 "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4", 803 "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM", 804 "use":"enc", 805 "kid":"1"}, 807 {"kty":"RSA", 808 "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx 809 4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMs 810 tn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2 811 QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbI 812 SD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqb 813 w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", 814 "e":"AQAB", 815 "alg":"RS256", 816 "kid":"2011-04-29"} 817 ] 818 } 820 A.2. Example Private Keys 822 The following example JWK Set contains two keys represented as JWKs 823 containing both public and private key values: one using an Elliptic 824 Curve algorithm and a second one using an RSA algorithm. This 825 example extends the example in the previous section, adding private 826 key values. (Line breaks are for display purposes only.) 827 {"keys": 828 [ 829 {"kty":"EC", 830 "crv":"P-256", 831 "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4", 832 "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM", 833 "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE", 834 "use":"enc", 835 "kid":"1"}, 837 {"kty":"RSA", 838 "n":"0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4 839 cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMst 840 n64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2Q 841 vzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbIS 842 D08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw 843 0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw", 844 "e":"AQAB", 845 "d":"X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9 846 M7dx5oo7GURknchnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqij 847 wp3RTzlBaCxWp4doFk5N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d 848 _cPVY3i07a3t8MN6TNwm0dSawm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBz 849 nbJSzFHK66jT8bgkuqsk0GjskDJk19Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFz 850 me1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q", 851 "p":"83i-7IvMGXoMXCskv73TKr8637FiO7Z27zv8oj6pbWUQyLPQBQxtPV 852 nwD20R-60eTDmD2ujnMt5PoqMrm8RfmNhVWDtjjMmCMjOpSXicFHj7XOuVIYQyqV 853 WlWEh6dN36GVZYk93N8Bc9vY41xy8B9RzzOGVQzXvNEvn7O0nVbfs", 854 "q":"3dfOR9cuYq-0S-mkFLzgItgMEfFzB2q3hWehMuG0oCuqnb3vobLyum 855 qjVZQO1dIrdwgTnCdpYzBcOfW5r370AFXjiWft_NGEiovonizhKpo9VVS78TzFgx 856 kIdrecRezsZ-1kYd_s1qDbxtkDEgfAITAG9LUnADun4vIcb6yelxk", 857 "dp":"G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oim 858 YwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_Nmtu 859 YZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0", 860 "dq":"s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUU 861 vMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9 862 GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk", 863 "qi":"GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzg 864 UIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rx 865 yR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU", 866 "alg":"RS256", 867 "kid":"2011-04-29"} 868 ] 869 } 871 A.3. Example Symmetric Keys 873 The following example JWK Set contains two symmetric keys represented 874 as JWKs: one designated as being for use with the AES Key Wrap 875 algorithm and a second one that is an HMAC key. (Line breaks are for 876 display purposes only.) 878 {"keys": 879 [ 880 {"kty":"oct", 881 "alg":"A128KW", 882 "k":"GawgguFyGrWKav7AX4VKUg"}, 884 {"kty":"oct", 885 "k":"AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75 886 aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow", 887 "kid":"HMAC key used in JWS A.1 example"} 888 ] 889 } 891 Appendix B. Example Use of "x5c" (X.509 Certificate Chain) Parameter 892 The following is an example of a JWK with a RSA signing key 893 represented both as an RSA public key and as an X.509 certificate 894 using the "x5c" parameter: 896 {"kty":"RSA", 897 "use":"sig", 898 "kid":"1b94c", 899 "n":"vrjOfz9Ccdgx5nQudyhdoR17V-IubWMeOZCwX_jj0hgAsz2J_pqYW08 900 PLbK_PdiVGKPrqzmDIsLI7sA25VEnHU1uCLNwBuUiCO11_-7dYbsr4iJmG0Q 901 u2j8DsVyT1azpJC_NG84Ty5KKthuCaPod7iI7w0LK9orSMhBEwwZDCxTWq4a 902 YWAchc8t-emd9qOvWtVMDC2BXksRngh6X5bUYLy6AyHKvj-nUy1wgzjYQDwH 903 MTplCoLtU-o-8SNnZ1tmRoGE9uJkBLdh5gFENabWnU5m1ZqZPdwS-qo-meMv 904 VfJb6jJVWRpl2SUtCnYG2C32qvbWbjZ_jBPD5eunqsIo1vQ", 905 "e":"AQAB", 906 "x5c": 907 ["MIIDQjCCAiqgAwIBAgIGATz/FuLiMA0GCSqGSIb3DQEBBQUAMGIxCzAJB 908 gNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMRwwGgYD 909 VQQKExNQaW5nIElkZW50aXR5IENvcnAuMRcwFQYDVQQDEw5CcmlhbiBDYW1 910 wYmVsbDAeFw0xMzAyMjEyMzI5MTVaFw0xODA4MTQyMjI5MTVaMGIxCzAJBg 911 NVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMRwwGgYDV 912 QQKExNQaW5nIElkZW50aXR5IENvcnAuMRcwFQYDVQQDEw5CcmlhbiBDYW1w 913 YmVsbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL64zn8/QnH 914 YMeZ0LncoXaEde1fiLm1jHjmQsF/449IYALM9if6amFtPDy2yvz3YlRij66 915 s5gyLCyO7ANuVRJx1NbgizcAblIgjtdf/u3WG7K+IiZhtELto/A7Fck9Ws6 916 SQvzRvOE8uSirYbgmj6He4iO8NCyvaK0jIQRMMGQwsU1quGmFgHIXPLfnpn 917 fajr1rVTAwtgV5LEZ4Iel+W1GC8ugMhyr4/p1MtcIM42EA8BzE6ZQqC7VPq 918 PvEjZ2dbZkaBhPbiZAS3YeYBRDWm1p1OZtWamT3cEvqqPpnjL1XyW+oyVVk 919 aZdklLQp2Btgt9qr21m42f4wTw+Xrp6rCKNb0CAwEAATANBgkqhkiG9w0BA 920 QUFAAOCAQEAh8zGlfSlcI0o3rYDPBB07aXNswb4ECNIKG0CETTUxmXl9KUL 921 +9gGlqCz5iWLOgWsnrcKcY0vXPG9J1r9AqBNTqNgHq2G03X09266X5CpOe1 922 zFo+Owb1zxtp3PehFdfQJ610CDLEaS9V9Rqp17hCyybEpOGVwe8fnk+fbEL 923 2Bo3UPGrpsHzUoaGpDftmWssZkhpBJKVMJyf/RuP2SmmaIzmnw9JiSlYhzo 924 4tpzd5rFXhjRbg4zW9C+2qok+2+qDM1iJ684gPHMIY8aLWrdgQTxkumGmTq 925 gawR+N5MDtdPTEQ0XfIBc2cJEUyMTY5MPvACWpkA6SdS4xSvdXK3IVfOWA=="] 926 } 928 Appendix C. Example Encrypted RSA Private Key 930 This example encrypts an RSA private key to the recipient using 931 "PBES2-HS256+A128KW" for key encryption and "A128CBC+HS256" for 932 content encryption. 934 NOTE: Unless otherwise indicated, all line breaks are included solely 935 for readability. 937 C.1. Plaintext RSA Private Key 939 The following RSA key is the plaintext for the encryption operation, 940 formatted as a JWK object: 942 { 943 "kty":"RSA", 944 "kid":"juliet@capulet.lit", 945 "use":"enc", 946 "n":"t6Q8PWSi1dkJj9hTP8hNYFlvadM7DflW9mWepOJhJ66w7nyoK1gPNqFMSQRy 947 O125Gp-TEkodhWr0iujjHVx7BcV0llS4w5ACGgPrcAd6ZcSR0-Iqom-QFcNP 948 8Sjg086MwoqQU_LYywlAGZ21WSdS_PERyGFiNnj3QQlO8Yns5jCtLCRwLHL0 949 Pb1fEv45AuRIuUfVcPySBWYnDyGxvjYGDSM-AqWS9zIQ2ZilgT-GqUmipg0X 950 OC0Cc20rgLe2ymLHjpHciCKVAbY5-L32-lSeZO-Os6U15_aXrk9Gw8cPUaX1 951 _I8sLGuSiVdt3C_Fn2PZ3Z8i744FPFGGcG1qs2Wz-Q", 952 "e":"AQAB", 953 "d":"GRtbIQmhOZtyszfgKdg4u_N-R_mZGU_9k7JQ_jn1DnfTuMdSNprTeaSTyWfS 954 NkuaAwnOEbIQVy1IQbWVV25NY3ybc_IhUJtfri7bAXYEReWaCl3hdlPKXy9U 955 vqPYGR0kIXTQRqns-dVJ7jahlI7LyckrpTmrM8dWBo4_PMaenNnPiQgO0xnu 956 ToxutRZJfJvG4Ox4ka3GORQd9CsCZ2vsUDmsXOfUENOyMqADC6p1M3h33tsu 957 rY15k9qMSpG9OX_IJAXmxzAh_tWiZOwk2K4yxH9tS3Lq1yX8C1EWmeRDkK2a 958 hecG85-oLKQt5VEpWHKmjOi_gJSdSgqcN96X52esAQ", 959 "p":"2rnSOV4hKSN8sS4CgcQHFbs08XboFDqKum3sc4h3GRxrTmQdl1ZK9uw-PIHf 960 QP0FkxXVrx-WE-ZEbrqivH_2iCLUS7wAl6XvARt1KkIaUxPPSYB9yk31s0Q8 961 UK96E3_OrADAYtAJs-M3JxCLfNgqh56HDnETTQhH3rCT5T3yJws", 962 "q":"1u_RiFDP7LBYh3N4GXLT9OpSKYP0uQZyiaZwBtOCBNJgQxaj10RWjsZu0c6I 963 edis4S7B_coSKB0Kj9PaPaBzg-IySRvvcQuPamQu66riMhjVtG6TlV8CLCYK 964 rYl52ziqK0E_ym2QnkwsUX7eYTB7LbAHRK9GqocDE5B0f808I4s", 965 "dp":"KkMTWqBUefVwZ2_Dbj1pPQqyHSHjj90L5x_MOzqYAJMcLMZtbUtwKqvVDq3 966 tbEo3ZIcohbDtt6SbfmWzggabpQxNxuBpoOOf_a_HgMXK_lhqigI4y_kqS1w 967 Y52IwjUn5rgRrJ-yYo1h41KR-vz2pYhEAeYrhttWtxVqLCRViD6c", 968 "dq":"AvfS0-gRxvn0bwJoMSnFxYcK1WnuEjQFluMGfwGitQBWtfZ1Er7t1xDkbN9 969 GQTB9yqpDoYaN06H7CFtrkxhJIBQaj6nkF5KKS3TQtQ5qCzkOkmxIe3KRbBy 970 mXxkb5qwUpX5ELD5xFc6FeiafWYY63TmmEAu_lRFCOJ3xDea-ots", 971 "qi":"lSQi-w9CpyUReMErP1RsBLk7wNtOvs5EQpPqmuMvqW57NBUczScEoPwmUqq 972 abu9V0-Py4dQ57_bapoKRu1R90bvuFnU63SHWEFglZQvJDMeAvmj4sm-Fp0o 973 Yu_neotgQ0hzbI5gry7ajdYy9-2lNx_76aBZoOUu9HCJ-UsfSOI8" 974 } 976 The octets representing the Plaintext are: 978 [ 123, 34, 107, 116, 121, 34, 58, 34, 82, 83, 65, 34, 44, 34, 107, 979 105, 100, 34, 58, 34, 106, 117, 108, 105, 101, 116, 64, 99, 97, 112, 980 117, 108, 101, 116, 46, 108, 105, 116, 34, 44, 34, 117, 115, 101, 34, 981 58, 34, 101, 110, 99, 34, 44, 34, 110, 34, 58, 34, 116, 54, 81, 56, 982 80, 87, 83, 105, 49, 100, 107, 74, 106, 57, 104, 84, 80, 56, 104, 78, 983 89, 70, 108, 118, 97, 100, 77, 55, 68, 102, 108, 87, 57, 109, 87, 984 101, 112, 79, 74, 104, 74, 54, 54, 119, 55, 110, 121, 111, 75, 49, 985 103, 80, 78, 113, 70, 77, 83, 81, 82, 121, 79, 49, 50, 53, 71, 112, 986 45, 84, 69, 107, 111, 100, 104, 87, 114, 48, 105, 117, 106, 106, 72, 987 86, 120, 55, 66, 99, 86, 48, 108, 108, 83, 52, 119, 53, 65, 67, 71, 988 103, 80, 114, 99, 65, 100, 54, 90, 99, 83, 82, 48, 45, 73, 113, 111, 989 109, 45, 81, 70, 99, 78, 80, 56, 83, 106, 103, 48, 56, 54, 77, 119, 990 111, 113, 81, 85, 95, 76, 89, 121, 119, 108, 65, 71, 90, 50, 49, 87, 991 83, 100, 83, 95, 80, 69, 82, 121, 71, 70, 105, 78, 110, 106, 51, 81, 992 81, 108, 79, 56, 89, 110, 115, 53, 106, 67, 116, 76, 67, 82, 119, 76, 993 72, 76, 48, 80, 98, 49, 102, 69, 118, 52, 53, 65, 117, 82, 73, 117, 994 85, 102, 86, 99, 80, 121, 83, 66, 87, 89, 110, 68, 121, 71, 120, 118, 995 106, 89, 71, 68, 83, 77, 45, 65, 113, 87, 83, 57, 122, 73, 81, 50, 996 90, 105, 108, 103, 84, 45, 71, 113, 85, 109, 105, 112, 103, 48, 88, 997 79, 67, 48, 67, 99, 50, 48, 114, 103, 76, 101, 50, 121, 109, 76, 72, 998 106, 112, 72, 99, 105, 67, 75, 86, 65, 98, 89, 53, 45, 76, 51, 50, 999 45, 108, 83, 101, 90, 79, 45, 79, 115, 54, 85, 49, 53, 95, 97, 88, 1000 114, 107, 57, 71, 119, 56, 99, 80, 85, 97, 88, 49, 95, 73, 56, 115, 1001 76, 71, 117, 83, 105, 86, 100, 116, 51, 67, 95, 70, 110, 50, 80, 90, 1002 51, 90, 56, 105, 55, 52, 52, 70, 80, 70, 71, 71, 99, 71, 49, 113, 1003 115, 50, 87, 122, 45, 81, 34, 44, 34, 101, 34, 58, 34, 65, 81, 65, 1004 66, 34, 44, 34, 100, 34, 58, 34, 71, 82, 116, 98, 73, 81, 109, 104, 1005 79, 90, 116, 121, 115, 122, 102, 103, 75, 100, 103, 52, 117, 95, 78, 1006 45, 82, 95, 109, 90, 71, 85, 95, 57, 107, 55, 74, 81, 95, 106, 110, 1007 49, 68, 110, 102, 84, 117, 77, 100, 83, 78, 112, 114, 84, 101, 97, 1008 83, 84, 121, 87, 102, 83, 78, 107, 117, 97, 65, 119, 110, 79, 69, 98, 1009 73, 81, 86, 121, 49, 73, 81, 98, 87, 86, 86, 50, 53, 78, 89, 51, 121, 1010 98, 99, 95, 73, 104, 85, 74, 116, 102, 114, 105, 55, 98, 65, 88, 89, 1011 69, 82, 101, 87, 97, 67, 108, 51, 104, 100, 108, 80, 75, 88, 121, 57, 1012 85, 118, 113, 80, 89, 71, 82, 48, 107, 73, 88, 84, 81, 82, 113, 110, 1013 115, 45, 100, 86, 74, 55, 106, 97, 104, 108, 73, 55, 76, 121, 99, 1014 107, 114, 112, 84, 109, 114, 77, 56, 100, 87, 66, 111, 52, 95, 80, 1015 77, 97, 101, 110, 78, 110, 80, 105, 81, 103, 79, 48, 120, 110, 117, 1016 84, 111, 120, 117, 116, 82, 90, 74, 102, 74, 118, 71, 52, 79, 120, 1017 52, 107, 97, 51, 71, 79, 82, 81, 100, 57, 67, 115, 67, 90, 50, 118, 1018 115, 85, 68, 109, 115, 88, 79, 102, 85, 69, 78, 79, 121, 77, 113, 65, 1019 68, 67, 54, 112, 49, 77, 51, 104, 51, 51, 116, 115, 117, 114, 89, 49, 1020 53, 107, 57, 113, 77, 83, 112, 71, 57, 79, 88, 95, 73, 74, 65, 88, 1021 109, 120, 122, 65, 104, 95, 116, 87, 105, 90, 79, 119, 107, 50, 75, 1022 52, 121, 120, 72, 57, 116, 83, 51, 76, 113, 49, 121, 88, 56, 67, 49, 1023 69, 87, 109, 101, 82, 68, 107, 75, 50, 97, 104, 101, 99, 71, 56, 53, 1024 45, 111, 76, 75, 81, 116, 53, 86, 69, 112, 87, 72, 75, 109, 106, 79, 1025 105, 95, 103, 74, 83, 100, 83, 103, 113, 99, 78, 57, 54, 88, 53, 50, 1026 101, 115, 65, 81, 34, 44, 34, 112, 34, 58, 34, 50, 114, 110, 83, 79, 1027 86, 52, 104, 75, 83, 78, 56, 115, 83, 52, 67, 103, 99, 81, 72, 70, 1028 98, 115, 48, 56, 88, 98, 111, 70, 68, 113, 75, 117, 109, 51, 115, 99, 1029 52, 104, 51, 71, 82, 120, 114, 84, 109, 81, 100, 108, 49, 90, 75, 57, 1030 117, 119, 45, 80, 73, 72, 102, 81, 80, 48, 70, 107, 120, 88, 86, 114, 1031 120, 45, 87, 69, 45, 90, 69, 98, 114, 113, 105, 118, 72, 95, 50, 105, 1032 67, 76, 85, 83, 55, 119, 65, 108, 54, 88, 118, 65, 82, 116, 49, 75, 1033 107, 73, 97, 85, 120, 80, 80, 83, 89, 66, 57, 121, 107, 51, 49, 115, 1034 48, 81, 56, 85, 75, 57, 54, 69, 51, 95, 79, 114, 65, 68, 65, 89, 116, 1035 65, 74, 115, 45, 77, 51, 74, 120, 67, 76, 102, 78, 103, 113, 104, 53, 1036 54, 72, 68, 110, 69, 84, 84, 81, 104, 72, 51, 114, 67, 84, 53, 84, 1037 51, 121, 74, 119, 115, 34, 44, 34, 113, 34, 58, 34, 49, 117, 95, 82, 1038 105, 70, 68, 80, 55, 76, 66, 89, 104, 51, 78, 52, 71, 88, 76, 84, 57, 1039 79, 112, 83, 75, 89, 80, 48, 117, 81, 90, 121, 105, 97, 90, 119, 66, 1040 116, 79, 67, 66, 78, 74, 103, 81, 120, 97, 106, 49, 48, 82, 87, 106, 1041 115, 90, 117, 48, 99, 54, 73, 101, 100, 105, 115, 52, 83, 55, 66, 95, 1042 99, 111, 83, 75, 66, 48, 75, 106, 57, 80, 97, 80, 97, 66, 122, 103, 1043 45, 73, 121, 83, 82, 118, 118, 99, 81, 117, 80, 97, 109, 81, 117, 54, 1044 54, 114, 105, 77, 104, 106, 86, 116, 71, 54, 84, 108, 86, 56, 67, 76, 1045 67, 89, 75, 114, 89, 108, 53, 50, 122, 105, 113, 75, 48, 69, 95, 121, 1046 109, 50, 81, 110, 107, 119, 115, 85, 88, 55, 101, 89, 84, 66, 55, 76, 1047 98, 65, 72, 82, 75, 57, 71, 113, 111, 99, 68, 69, 53, 66, 48, 102, 1048 56, 48, 56, 73, 52, 115, 34, 44, 34, 100, 112, 34, 58, 34, 75, 107, 1049 77, 84, 87, 113, 66, 85, 101, 102, 86, 119, 90, 50, 95, 68, 98, 106, 1050 49, 112, 80, 81, 113, 121, 72, 83, 72, 106, 106, 57, 48, 76, 53, 120, 1051 95, 77, 79, 122, 113, 89, 65, 74, 77, 99, 76, 77, 90, 116, 98, 85, 1052 116, 119, 75, 113, 118, 86, 68, 113, 51, 116, 98, 69, 111, 51, 90, 1053 73, 99, 111, 104, 98, 68, 116, 116, 54, 83, 98, 102, 109, 87, 122, 1054 103, 103, 97, 98, 112, 81, 120, 78, 120, 117, 66, 112, 111, 79, 79, 1055 102, 95, 97, 95, 72, 103, 77, 88, 75, 95, 108, 104, 113, 105, 103, 1056 73, 52, 121, 95, 107, 113, 83, 49, 119, 89, 53, 50, 73, 119, 106, 85, 1057 110, 53, 114, 103, 82, 114, 74, 45, 121, 89, 111, 49, 104, 52, 49, 1058 75, 82, 45, 118, 122, 50, 112, 89, 104, 69, 65, 101, 89, 114, 104, 1059 116, 116, 87, 116, 120, 86, 113, 76, 67, 82, 86, 105, 68, 54, 99, 34, 1060 44, 34, 100, 113, 34, 58, 34, 65, 118, 102, 83, 48, 45, 103, 82, 120, 1061 118, 110, 48, 98, 119, 74, 111, 77, 83, 110, 70, 120, 89, 99, 75, 49, 1062 87, 110, 117, 69, 106, 81, 70, 108, 117, 77, 71, 102, 119, 71, 105, 1063 116, 81, 66, 87, 116, 102, 90, 49, 69, 114, 55, 116, 49, 120, 68, 1064 107, 98, 78, 57, 71, 81, 84, 66, 57, 121, 113, 112, 68, 111, 89, 97, 1065 78, 48, 54, 72, 55, 67, 70, 116, 114, 107, 120, 104, 74, 73, 66, 81, 1066 97, 106, 54, 110, 107, 70, 53, 75, 75, 83, 51, 84, 81, 116, 81, 53, 1067 113, 67, 122, 107, 79, 107, 109, 120, 73, 101, 51, 75, 82, 98, 66, 1068 121, 109, 88, 120, 107, 98, 53, 113, 119, 85, 112, 88, 53, 69, 76, 1069 68, 53, 120, 70, 99, 54, 70, 101, 105, 97, 102, 87, 89, 89, 54, 51, 1070 84, 109, 109, 69, 65, 117, 95, 108, 82, 70, 67, 79, 74, 51, 120, 68, 1071 101, 97, 45, 111, 116, 115, 34, 44, 34, 113, 105, 34, 58, 34, 108, 1072 83, 81, 105, 45, 119, 57, 67, 112, 121, 85, 82, 101, 77, 69, 114, 80, 1073 49, 82, 115, 66, 76, 107, 55, 119, 78, 116, 79, 118, 115, 53, 69, 81, 1074 112, 80, 113, 109, 117, 77, 118, 113, 87, 53, 55, 78, 66, 85, 99, 1075 122, 83, 99, 69, 111, 80, 119, 109, 85, 113, 113, 97, 98, 117, 57, 1076 86, 48, 45, 80, 121, 52, 100, 81, 53, 55, 95, 98, 97, 112, 111, 75, 1077 82, 117, 49, 82, 57, 48, 98, 118, 117, 70, 110, 85, 54, 51, 83, 72, 1078 87, 69, 70, 103, 108, 90, 81, 118, 74, 68, 77, 101, 65, 118, 109, 1079 106, 52, 115, 109, 45, 70, 112, 48, 111, 89, 117, 95, 110, 101, 111, 1080 116, 103, 81, 48, 104, 122, 98, 73, 53, 103, 114, 121, 55, 97, 106, 1081 100, 89, 121, 57, 45, 50, 108, 78, 120, 95, 55, 54, 97, 66, 90, 111, 1082 79, 85, 117, 57, 72, 67, 74, 45, 85, 115, 102, 83, 79, 73, 56, 34, 1083 125 ] 1085 C.2. JWE Header 1087 The following example JWE Protected Header declares that: 1089 o the Content Encryption Key is encrypted to the recipient using the 1090 PSE2-HS256+A128KW algorithm to produce the JWE Encrypted Key, 1092 o the Salt (p2s) is [ 217, 96, 147, 112, 150, 117, 70, 247, 127, 8, 1093 155, 137, 174, 42, 80, 215 ], 1095 o the Iteration Count (p2c) is 4096, 1097 o the Plaintext is encrypted using the AES_128_CBC_HMAC_SHA_256 1098 algorithm to produce the Ciphertext, and 1100 o the content type is application/jwk+json. 1102 { 1103 "alg":"PBES2-HS256+A128KW", 1104 "p2s":"2WCTcJZ1Rvd_CJuJripQ1w", 1105 "p2c":4096, 1106 "enc":"A128CBC-HS256", 1107 "cty":"jwk+json" 1108 } 1110 Encoding this JWE Protected Header as BASE64URL(UTF8(JWE Protected 1111 Header)) gives this value: 1113 eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJwMnMiOiIyV0NUY0paMVJ2ZF9DSn 1114 VKcmlwUTF3IiwicDJjIjo0MDk2LCJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiY3R5Ijoi 1115 andrK2pzb24ifQ 1117 C.3. Content Encryption Key (CEK) 1119 Generate a 256 bit random Content Encryption Key (CEK). In this 1120 example, the value is: 1122 [ 111, 27, 25, 52, 66, 29, 20, 78, 92, 176, 56, 240, 65, 208, 82, 1123 112, 161, 131, 36, 55, 202, 236, 185, 172, 129, 23, 153, 194, 195, 1124 48, 253, 182 ] 1126 C.4. Key Encryption 1128 Encrypt the CEK with a shared passphrase using the 1129 "PBES2-HS256+A128KW" algorithm and the specified Salt and Iteration 1130 Count values to produce the JWE Encrypted Key. This example uses the 1131 following passphrase: 1133 Thus from my lips, by yours, my sin is purged. 1135 The octets representing the passphrase are: 1137 [ 84, 104, 117, 115, 32, 102, 114, 111, 109, 32, 109, 121, 32, 108, 1138 105, 112, 115, 44, 32, 98, 121, 32, 121, 111, 117, 114, 115, 44, 32, 1139 109, 121, 32, 115, 105, 110, 32, 105, 115, 32, 112, 117, 114, 103, 1140 101, 100, 46 ] 1142 The resulting JWE Encrypted Key value is: 1144 [ 201, 236, 143, 112, 12, 234, 200, 211, 33, 241, 255, 65, 112, 63, 1145 172, 146, 105, 107, 122, 0, 30, 21, 44, 21, 14, 61, 200, 57, 30, 253, 1146 228, 83, 218, 82, 138, 80, 121, 254, 193, 121 ] 1148 Encoding this JWE Encrypted Key as BASE64URL(JWE Encrypted Key) gives 1149 this value: 1151 yeyPcAzqyNMh8f9BcD-skmlregAeFSwVDj3IOR795FPaUopQef7BeQ 1153 C.5. Initialization Vector 1155 Generate a random 128 bit JWE Initialization Vector. In this 1156 example, the value is: 1158 [ 97, 239, 99, 214, 171, 54, 216, 57, 145, 72, 7, 93, 34, 31, 149, 1159 156 ] 1161 Encoding this JWE Initialization Vector as BASE64URL(JWE 1162 Initialization Vector) gives this value: 1164 Ye9j1qs22DmRSAddIh-VnA 1166 C.6. Additional Authenticated Data 1168 Let the Additional Authenticated Data encryption parameter be 1169 ASCII(BASE64URL(UTF8(JWE Protected Header))). This value is: 1171 [ 123, 34, 97, 108, 103, 34, 58, 34, 80, 66, 69, 83, 50, 45, 72, 83, 1172 50, 53, 54, 43, 65, 49, 50, 56, 75, 87, 34, 44, 34, 112, 50, 115, 34, 1173 58, 34, 50, 87, 67, 84, 99, 74, 90, 49, 82, 118, 100, 95, 67, 74, 1174 117, 74, 114, 105, 112, 81, 49, 119, 34, 44, 34, 112, 50, 99, 34, 58, 1175 52, 48, 57, 54, 44, 34, 101, 110, 99, 34, 58, 34, 65, 49, 50, 56, 67, 1176 66, 67, 45, 72, 83, 50, 53, 54, 34, 44, 34, 99, 116, 121, 34, 58, 34, 1177 106, 119, 107, 43, 106, 115, 111, 110, 34, 125 ] 1179 C.7. Content Encryption 1181 Encrypt the Plaintext with AES_128_CBC_HMAC_SHA_256 using the CEK as 1182 the encryption key, the JWE Initialization Vector, and the Additional 1183 Authenticated Data value above. The resulting Ciphertext is: 1185 [ 3, 8, 65, 242, 92, 107, 148, 168, 197, 159, 77, 139, 25, 97, 42, 1186 131, 110, 199, 225, 56, 61, 127, 38, 64, 108, 91, 247, 167, 150, 98, 1187 112, 122, 99, 235, 132, 50, 28, 46, 56, 170, 169, 89, 220, 145, 38, 1188 157, 148, 224, 66, 140, 8, 169, 146, 117, 222, 54, 242, 28, 31, 11, 1189 129, 227, 226, 169, 66, 117, 133, 254, 140, 216, 115, 203, 131, 60, 1190 60, 47, 233, 132, 121, 13, 35, 188, 53, 19, 172, 77, 59, 54, 211, 1191 158, 172, 25, 60, 111, 0, 80, 201, 158, 160, 210, 68, 55, 12, 67, 1192 136, 130, 87, 216, 197, 95, 62, 20, 155, 205, 5, 140, 27, 168, 221, 1193 65, 114, 78, 157, 254, 46, 206, 182, 52, 135, 87, 239, 3, 34, 186, 1194 126, 220, 151, 17, 33, 237, 57, 96, 172, 183, 58, 45, 248, 103, 241, 1195 142, 136, 7, 53, 16, 173, 181, 7, 93, 92, 252, 1, 53, 212, 242, 8, 1196 255, 11, 239, 181, 24, 148, 136, 111, 24, 161, 244, 23, 106, 69, 157, 1197 215, 243, 189, 240, 166, 169, 249, 72, 38, 201, 99, 223, 173, 229, 9, 1198 222, 82, 79, 157, 176, 248, 85, 239, 121, 163, 1, 31, 48, 98, 206, 1199 61, 249, 104, 216, 201, 227, 105, 48, 194, 193, 10, 36, 160, 159, 1200 241, 166, 84, 54, 188, 211, 243, 242, 40, 46, 45, 193, 193, 160, 169, 1201 101, 201, 1, 73, 47, 105, 142, 88, 28, 42, 132, 26, 61, 58, 63, 142, 1202 243, 77, 26, 179, 153, 166, 46, 203, 208, 49, 55, 229, 34, 178, 4, 1203 109, 180, 204, 204, 115, 1, 103, 193, 5, 91, 215, 214, 195, 1, 110, 1204 208, 53, 144, 36, 105, 12, 54, 25, 129, 101, 15, 183, 150, 250, 147, 1205 115, 227, 58, 250, 5, 128, 232, 63, 15, 14, 19, 141, 124, 253, 142, 1206 137, 189, 135, 26, 44, 240, 27, 88, 132, 105, 127, 6, 71, 37, 41, 1207 124, 187, 165, 140, 34, 200, 123, 80, 228, 24, 231, 176, 132, 171, 1208 138, 145, 152, 116, 224, 50, 141, 51, 147, 91, 186, 7, 246, 106, 217, 1209 148, 244, 227, 244, 45, 220, 121, 165, 224, 148, 181, 17, 181, 128, 1210 197, 101, 237, 11, 169, 229, 149, 199, 78, 56, 15, 14, 190, 91, 216, 1211 222, 247, 213, 74, 40, 8, 96, 20, 168, 119, 96, 26, 24, 52, 37, 82, 1212 127, 57, 176, 147, 118, 59, 7, 224, 33, 117, 72, 155, 29, 82, 26, 1213 215, 189, 140, 119, 28, 152, 118, 93, 222, 194, 192, 148, 115, 83, 1214 253, 216, 212, 108, 88, 83, 175, 172, 220, 97, 79, 110, 42, 223, 170, 1215 161, 34, 164, 144, 193, 76, 122, 92, 160, 41, 178, 175, 6, 35, 96, 1216 113, 96, 158, 90, 129, 101, 26, 45, 70, 180, 189, 230, 15, 5, 247, 1217 150, 209, 94, 171, 26, 13, 142, 212, 129, 1, 176, 5, 0, 112, 203, 1218 174, 185, 119, 76, 233, 189, 54, 172, 189, 245, 223, 253, 205, 12, 1219 88, 9, 126, 157, 225, 90, 40, 229, 191, 63, 30, 160, 224, 69, 3, 140, 1220 109, 70, 89, 37, 213, 245, 194, 210, 180, 188, 63, 210, 139, 221, 2, 1221 144, 200, 20, 177, 216, 29, 227, 242, 106, 12, 135, 142, 139, 144, 1222 82, 225, 162, 171, 176, 108, 99, 6, 43, 193, 161, 116, 234, 216, 1, 1223 242, 21, 124, 162, 98, 205, 124, 193, 38, 12, 242, 90, 101, 76, 204, 1224 184, 124, 58, 180, 16, 240, 26, 76, 195, 250, 212, 191, 185, 191, 97, 1225 198, 186, 73, 225, 75, 14, 90, 123, 121, 172, 101, 50, 160, 221, 141, 1226 253, 205, 126, 77, 9, 87, 198, 110, 104, 182, 141, 120, 51, 25, 232, 1227 3, 32, 80, 6, 156, 8, 18, 4, 135, 221, 142, 25, 135, 2, 129, 132, 1228 115, 227, 74, 141, 28, 119, 11, 141, 117, 134, 198, 62, 150, 254, 97, 1229 75, 197, 251, 99, 89, 204, 224, 226, 67, 83, 175, 89, 0, 81, 29, 38, 1230 207, 89, 140, 255, 197, 177, 164, 128, 62, 116, 224, 180, 109, 169, 1231 28, 2, 59, 176, 130, 252, 44, 178, 81, 24, 181, 176, 75, 44, 61, 91, 1232 12, 37, 21, 255, 83, 130, 197, 16, 231, 60, 217, 56, 131, 118, 168, 1233 202, 58, 52, 84, 124, 162, 185, 174, 162, 226, 242, 112, 68, 246, 1234 202, 16, 208, 52, 154, 58, 129, 80, 102, 33, 171, 6, 186, 177, 14, 1235 195, 88, 136, 6, 0, 155, 28, 100, 162, 207, 162, 222, 117, 248, 170, 1236 208, 114, 87, 31, 57, 176, 33, 57, 83, 253, 12, 168, 110, 194, 59, 1237 22, 86, 48, 227, 196, 22, 176, 218, 122, 149, 21, 249, 195, 178, 174, 1238 250, 20, 34, 120, 60, 139, 201, 99, 40, 18, 177, 17, 54, 54, 6, 3, 1239 222, 128, 160, 88, 11, 27, 0, 81, 192, 36, 41, 169, 146, 8, 47, 64, 1240 136, 28, 64, 209, 67, 135, 202, 20, 234, 182, 91, 204, 146, 195, 187, 1241 0, 72, 77, 11, 111, 152, 204, 252, 177, 212, 89, 33, 50, 132, 184, 1242 44, 183, 186, 19, 250, 69, 176, 201, 102, 140, 14, 143, 212, 212, 1243 160, 123, 208, 185, 27, 155, 68, 77, 133, 198, 2, 126, 155, 215, 22, 1244 91, 30, 217, 176, 172, 244, 156, 174, 143, 75, 90, 21, 102, 1, 160, 1245 59, 253, 188, 88, 57, 185, 197, 83, 24, 22, 180, 174, 47, 207, 52, 1, 1246 141, 146, 119, 233, 68, 228, 224, 228, 193, 248, 155, 202, 90, 7, 1247 213, 88, 33, 108, 107, 14, 86, 8, 120, 250, 58, 142, 35, 164, 238, 1248 221, 219, 35, 123, 88, 199, 192, 143, 104, 83, 17, 166, 243, 247, 11, 1249 166, 67, 68, 204, 132, 23, 110, 103, 228, 14, 55, 122, 88, 57, 180, 1250 178, 237, 52, 130, 214, 245, 102, 123, 67, 73, 175, 1, 127, 112, 148, 1251 94, 132, 164, 197, 153, 217, 87, 25, 89, 93, 63, 22, 66, 166, 90, 1252 251, 101, 10, 145, 66, 17, 124, 36, 255, 165, 226, 97, 16, 86, 112, 1253 154, 88, 105, 253, 56, 209, 229, 122, 103, 51, 24, 228, 190, 3, 236, 1254 48, 182, 121, 176, 140, 128, 117, 87, 251, 224, 37, 23, 248, 21, 218, 1255 85, 251, 136, 84, 147, 143, 144, 46, 155, 183, 251, 89, 86, 23, 26, 1256 237, 100, 167, 32, 130, 173, 237, 89, 55, 110, 70, 142, 127, 65, 230, 1257 208, 109, 69, 19, 253, 84, 130, 130, 193, 92, 58, 108, 150, 42, 136, 1258 249, 234, 86, 241, 182, 19, 117, 246, 26, 181, 92, 101, 155, 44, 103, 1259 235, 173, 30, 140, 90, 29, 183, 190, 77, 53, 206, 127, 5, 87, 8, 187, 1260 184, 92, 4, 157, 22, 18, 105, 251, 39, 88, 182, 181, 103, 148, 233, 1261 6, 63, 70, 188, 7, 101, 216, 127, 77, 31, 12, 233, 7, 147, 106, 30, 1262 150, 77, 145, 13, 205, 48, 56, 245, 220, 89, 252, 127, 51, 180, 36, 1263 31, 55, 18, 214, 230, 254, 217, 197, 65, 247, 27, 215, 117, 247, 108, 1264 157, 121, 11, 63, 150, 195, 83, 6, 134, 242, 41, 24, 105, 204, 5, 63, 1265 192, 14, 159, 113, 72, 140, 128, 51, 215, 80, 215, 39, 149, 94, 79, 1266 128, 34, 5, 129, 82, 83, 121, 187, 37, 146, 27, 32, 177, 167, 71, 9, 1267 195, 30, 199, 196, 205, 252, 207, 69, 8, 120, 27, 190, 51, 43, 75, 1268 249, 234, 167, 116, 206, 203, 199, 43, 108, 87, 48, 155, 140, 228, 1269 210, 85, 25, 161, 96, 67, 8, 205, 64, 39, 75, 88, 44, 238, 227, 16, 1270 0, 100, 93, 129, 18, 4, 149, 50, 68, 72, 99, 35, 111, 254, 27, 102, 1271 175, 108, 233, 87, 181, 44, 169, 18, 139, 79, 208, 14, 202, 192, 5, 1272 162, 222, 231, 149, 24, 211, 49, 120, 101, 39, 206, 87, 147, 204, 1273 200, 251, 104, 115, 5, 127, 117, 195, 79, 151, 18, 224, 52, 0, 245, 1274 4, 85, 255, 103, 217, 0, 116, 198, 80, 91, 167, 192, 154, 199, 197, 1275 149, 237, 51, 2, 131, 30, 226, 95, 105, 48, 68, 135, 208, 144, 120, 1276 176, 145, 157, 8, 171, 80, 94, 61, 92, 92, 220, 157, 13, 138, 51, 23, 1277 185, 124, 31, 77, 1, 87, 241, 43, 239, 55, 122, 86, 210, 48, 208, 1278 204, 112, 144, 80, 147, 106, 219, 47, 253, 31, 134, 176, 16, 135, 1279 219, 95, 17, 129, 83, 236, 125, 136, 112, 86, 228, 252, 71, 129, 218, 1280 174, 156, 236, 12, 27, 159, 11, 138, 252, 253, 207, 31, 115, 214, 1281 118, 239, 203, 16, 211, 205, 99, 22, 51, 163, 107, 162, 246, 199, 67, 1282 127, 34, 108, 197, 53, 117, 58, 199, 3, 190, 74, 70, 190, 65, 235, 1283 175, 97, 157, 215, 252, 189, 245, 100, 229, 248, 46, 90, 126, 237, 4, 1284 159, 128, 58, 7, 156, 236, 69, 191, 85, 240, 179, 224, 249, 152, 49, 1285 195, 223, 60, 78, 186, 157, 155, 217, 58, 105, 116, 164, 217, 111, 1286 215, 150, 218, 252, 84, 86, 248, 140, 240, 226, 61, 106, 208, 95, 60, 1287 163, 6, 0, 235, 253, 162, 96, 62, 234, 251, 249, 35, 21, 7, 211, 233, 1288 86, 50, 33, 203, 67, 248, 60, 190, 123, 48, 167, 226, 90, 191, 71, 1289 56, 183, 165, 17, 85, 76, 238, 140, 211, 168, 53, 223, 194, 4, 97, 1290 149, 156, 120, 137, 76, 33, 229, 243, 194, 208, 198, 202, 139, 28, 1291 114, 46, 224, 92, 254, 83, 100, 134, 158, 92, 70, 78, 61, 62, 138, 1292 24, 173, 216, 66, 198, 70, 254, 47, 59, 193, 53, 6, 139, 19, 153, 1293 253, 28, 199, 122, 160, 27, 67, 234, 209, 227, 139, 4, 50, 7, 178, 1294 183, 89, 252, 32, 128, 137, 55, 52, 29, 89, 12, 111, 42, 181, 51, 1295 170, 132, 132, 207, 170, 228, 254, 178, 213, 0, 136, 175, 8 ] 1297 The resulting Authentication Tag value is: 1299 [ 125, 249, 143, 191, 240, 4, 204, 132, 62, 241, 113, 178, 91, 88, 1300 254, 19 ] 1302 Encoding this JWE Ciphertext as BASE64URL(JWE Ciphertext) gives this 1303 value: 1305 AwhB8lxrlKjFn02LGWEqg27H4Tg9fyZAbFv3p5ZicHpj64QyHC44qqlZ3JEmnZTgQo 1306 wIqZJ13jbyHB8LgePiqUJ1hf6M2HPLgzw8L-mEeQ0jvDUTrE07NtOerBk8bwBQyZ6g 1307 0kQ3DEOIglfYxV8-FJvNBYwbqN1Bck6d_i7OtjSHV-8DIrp-3JcRIe05YKy3Oi34Z_ 1308 GOiAc1EK21B11c_AE11PII_wvvtRiUiG8YofQXakWd1_O98Kap-UgmyWPfreUJ3lJP 1309 nbD4Ve95owEfMGLOPflo2MnjaTDCwQokoJ_xplQ2vNPz8iguLcHBoKllyQFJL2mOWB 1310 wqhBo9Oj-O800as5mmLsvQMTflIrIEbbTMzHMBZ8EFW9fWwwFu0DWQJGkMNhmBZQ-3 1311 lvqTc-M6-gWA6D8PDhONfP2Oib2HGizwG1iEaX8GRyUpfLuljCLIe1DkGOewhKuKkZ 1312 h04DKNM5Nbugf2atmU9OP0Ldx5peCUtRG1gMVl7Qup5ZXHTjgPDr5b2N731UooCGAU 1313 qHdgGhg0JVJ_ObCTdjsH4CF1SJsdUhrXvYx3HJh2Xd7CwJRzU_3Y1GxYU6-s3GFPbi 1314 rfqqEipJDBTHpcoCmyrwYjYHFgnlqBZRotRrS95g8F95bRXqsaDY7UgQGwBQBwy665 1315 d0zpvTasvfXf_c0MWAl-neFaKOW_Px6g4EUDjG1GWSXV9cLStLw_0ovdApDIFLHYHe 1316 PyagyHjouQUuGiq7BsYwYrwaF06tgB8hV8omLNfMEmDPJaZUzMuHw6tBDwGkzD-tS_ 1317 ub9hxrpJ4UsOWnt5rGUyoN2N_c1-TQlXxm5oto14MxnoAyBQBpwIEgSH3Y4ZhwKBhH 1318 PjSo0cdwuNdYbGPpb-YUvF-2NZzODiQ1OvWQBRHSbPWYz_xbGkgD504LRtqRwCO7CC 1319 _CyyURi1sEssPVsMJRX_U4LFEOc82TiDdqjKOjRUfKK5rqLi8nBE9soQ0DSaOoFQZi 1320 GrBrqxDsNYiAYAmxxkos-i3nX4qtByVx85sCE5U_0MqG7COxZWMOPEFrDaepUV-cOy 1321 rvoUIng8i8ljKBKxETY2BgPegKBYCxsAUcAkKamSCC9AiBxA0UOHyhTqtlvMksO7AE 1322 hNC2-YzPyx1FkhMoS4LLe6E_pFsMlmjA6P1NSge9C5G5tETYXGAn6b1xZbHtmwrPSc 1323 ro9LWhVmAaA7_bxYObnFUxgWtK4vzzQBjZJ36UTk4OTB-JvKWgfVWCFsaw5WCHj6Oo 1324 4jpO7d2yN7WMfAj2hTEabz9wumQ0TMhBduZ-QON3pYObSy7TSC1vVme0NJrwF_cJRe 1325 hKTFmdlXGVldPxZCplr7ZQqRQhF8JP-l4mEQVnCaWGn9ONHlemczGOS-A-wwtnmwjI 1326 B1V_vgJRf4FdpV-4hUk4-QLpu3-1lWFxrtZKcggq3tWTduRo5_QebQbUUT_VSCgsFc 1327 OmyWKoj56lbxthN19hq1XGWbLGfrrR6MWh23vk01zn8FVwi7uFwEnRYSafsnWLa1Z5 1328 TpBj9GvAdl2H9NHwzpB5NqHpZNkQ3NMDj13Fn8fzO0JB83Etbm_tnFQfcb13X3bJ15 1329 Cz-Ww1MGhvIpGGnMBT_ADp9xSIyAM9dQ1yeVXk-AIgWBUlN5uyWSGyCxp0cJwx7HxM 1330 38z0UIeBu-MytL-eqndM7LxytsVzCbjOTSVRmhYEMIzUAnS1gs7uMQAGRdgRIElTJE 1331 SGMjb_4bZq9s6Ve1LKkSi0_QDsrABaLe55UY0zF4ZSfOV5PMyPtocwV_dcNPlxLgNA 1332 D1BFX_Z9kAdMZQW6fAmsfFle0zAoMe4l9pMESH0JB4sJGdCKtQXj1cXNydDYozF7l8 1333 H00BV_Er7zd6VtIw0MxwkFCTatsv_R-GsBCH218RgVPsfYhwVuT8R4HarpzsDBufC4 1334 r8_c8fc9Z278sQ081jFjOja6L2x0N_ImzFNXU6xwO-Ska-QeuvYZ3X_L31ZOX4Llp- 1335 7QSfgDoHnOxFv1Xws-D5mDHD3zxOup2b2TppdKTZb9eW2vxUVviM8OI9atBfPKMGAO 1336 v9omA-6vv5IxUH0-lWMiHLQ_g8vnswp-Jav0c4t6URVUzujNOoNd_CBGGVnHiJTCHl 1337 88LQxsqLHHIu4Fz-U2SGnlxGTj0-ihit2ELGRv4vO8E1BosTmf0cx3qgG0Pq0eOLBD 1338 IHsrdZ_CCAiTc0HVkMbyq1M6qEhM-q5P6y1QCIrwg 1340 Encoding this JWE Authentication Tag as BASE64URL(JWE Authentication 1341 Tag) gives this value: 1343 ffmPv_AEzIQ-8XGyW1j-Ew 1345 C.8. Complete Representation 1347 Assemble the final representation: The Compact Serialization of this 1348 result is the string BASE64URL(UTF8(JWE Protected Header)) || '.' || 1349 BASE64URL(JWE Encrypted Key) || '.' || BASE64URL(JWE Initialization 1350 Vector) || '.' || BASE64URL(JWE Ciphertext) || '.' || BASE64URL(JWE 1351 Authentication Tag). 1353 The final result in this example is: 1355 eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJwMnMiOiIyV0NUY0paMVJ2ZF9DSn 1356 VKcmlwUTF3IiwicDJjIjo0MDk2LCJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiY3R5Ijoi 1357 andrK2pzb24ifQ. 1358 yeyPcAzqyNMh8f9BcD-skmlregAeFSwVDj3IOR795FPaUopQef7BeQ. 1359 Ye9j1qs22DmRSAddIh-VnA. 1360 AwhB8lxrlKjFn02LGWEqg27H4Tg9fyZAbFv3p5ZicHpj64QyHC44qqlZ3JEmnZTgQo 1361 wIqZJ13jbyHB8LgePiqUJ1hf6M2HPLgzw8L-mEeQ0jvDUTrE07NtOerBk8bwBQyZ6g 1362 0kQ3DEOIglfYxV8-FJvNBYwbqN1Bck6d_i7OtjSHV-8DIrp-3JcRIe05YKy3Oi34Z_ 1363 GOiAc1EK21B11c_AE11PII_wvvtRiUiG8YofQXakWd1_O98Kap-UgmyWPfreUJ3lJP 1364 nbD4Ve95owEfMGLOPflo2MnjaTDCwQokoJ_xplQ2vNPz8iguLcHBoKllyQFJL2mOWB 1365 wqhBo9Oj-O800as5mmLsvQMTflIrIEbbTMzHMBZ8EFW9fWwwFu0DWQJGkMNhmBZQ-3 1366 lvqTc-M6-gWA6D8PDhONfP2Oib2HGizwG1iEaX8GRyUpfLuljCLIe1DkGOewhKuKkZ 1367 h04DKNM5Nbugf2atmU9OP0Ldx5peCUtRG1gMVl7Qup5ZXHTjgPDr5b2N731UooCGAU 1368 qHdgGhg0JVJ_ObCTdjsH4CF1SJsdUhrXvYx3HJh2Xd7CwJRzU_3Y1GxYU6-s3GFPbi 1369 rfqqEipJDBTHpcoCmyrwYjYHFgnlqBZRotRrS95g8F95bRXqsaDY7UgQGwBQBwy665 1370 d0zpvTasvfXf_c0MWAl-neFaKOW_Px6g4EUDjG1GWSXV9cLStLw_0ovdApDIFLHYHe 1371 PyagyHjouQUuGiq7BsYwYrwaF06tgB8hV8omLNfMEmDPJaZUzMuHw6tBDwGkzD-tS_ 1372 ub9hxrpJ4UsOWnt5rGUyoN2N_c1-TQlXxm5oto14MxnoAyBQBpwIEgSH3Y4ZhwKBhH 1373 PjSo0cdwuNdYbGPpb-YUvF-2NZzODiQ1OvWQBRHSbPWYz_xbGkgD504LRtqRwCO7CC 1374 _CyyURi1sEssPVsMJRX_U4LFEOc82TiDdqjKOjRUfKK5rqLi8nBE9soQ0DSaOoFQZi 1375 GrBrqxDsNYiAYAmxxkos-i3nX4qtByVx85sCE5U_0MqG7COxZWMOPEFrDaepUV-cOy 1376 rvoUIng8i8ljKBKxETY2BgPegKBYCxsAUcAkKamSCC9AiBxA0UOHyhTqtlvMksO7AE 1377 hNC2-YzPyx1FkhMoS4LLe6E_pFsMlmjA6P1NSge9C5G5tETYXGAn6b1xZbHtmwrPSc 1378 ro9LWhVmAaA7_bxYObnFUxgWtK4vzzQBjZJ36UTk4OTB-JvKWgfVWCFsaw5WCHj6Oo 1379 4jpO7d2yN7WMfAj2hTEabz9wumQ0TMhBduZ-QON3pYObSy7TSC1vVme0NJrwF_cJRe 1380 hKTFmdlXGVldPxZCplr7ZQqRQhF8JP-l4mEQVnCaWGn9ONHlemczGOS-A-wwtnmwjI 1381 B1V_vgJRf4FdpV-4hUk4-QLpu3-1lWFxrtZKcggq3tWTduRo5_QebQbUUT_VSCgsFc 1382 OmyWKoj56lbxthN19hq1XGWbLGfrrR6MWh23vk01zn8FVwi7uFwEnRYSafsnWLa1Z5 1383 TpBj9GvAdl2H9NHwzpB5NqHpZNkQ3NMDj13Fn8fzO0JB83Etbm_tnFQfcb13X3bJ15 1384 Cz-Ww1MGhvIpGGnMBT_ADp9xSIyAM9dQ1yeVXk-AIgWBUlN5uyWSGyCxp0cJwx7HxM 1385 38z0UIeBu-MytL-eqndM7LxytsVzCbjOTSVRmhYEMIzUAnS1gs7uMQAGRdgRIElTJE 1386 SGMjb_4bZq9s6Ve1LKkSi0_QDsrABaLe55UY0zF4ZSfOV5PMyPtocwV_dcNPlxLgNA 1387 D1BFX_Z9kAdMZQW6fAmsfFle0zAoMe4l9pMESH0JB4sJGdCKtQXj1cXNydDYozF7l8 1388 H00BV_Er7zd6VtIw0MxwkFCTatsv_R-GsBCH218RgVPsfYhwVuT8R4HarpzsDBufC4 1389 r8_c8fc9Z278sQ081jFjOja6L2x0N_ImzFNXU6xwO-Ska-QeuvYZ3X_L31ZOX4Llp- 1390 7QSfgDoHnOxFv1Xws-D5mDHD3zxOup2b2TppdKTZb9eW2vxUVviM8OI9atBfPKMGAO 1391 v9omA-6vv5IxUH0-lWMiHLQ_g8vnswp-Jav0c4t6URVUzujNOoNd_CBGGVnHiJTCHl 1392 88LQxsqLHHIu4Fz-U2SGnlxGTj0-ihit2ELGRv4vO8E1BosTmf0cx3qgG0Pq0eOLBD 1393 IHsrdZ_CCAiTc0HVkMbyq1M6qEhM-q5P6y1QCIrwg. 1394 ffmPv_AEzIQ-8XGyW1j-Ew 1396 Appendix D. Acknowledgements 1398 A JSON representation for RSA public keys was previously introduced 1399 by John Panzer, Ben Laurie, and Dirk Balfanz in Magic Signatures 1401 [MagicSignatures]. 1403 This specification is the work of the JOSE Working Group, which 1404 includes dozens of active and dedicated participants. In particular, 1405 the following individuals contributed ideas, feedback, and wording 1406 that influenced this specification: 1408 Dirk Balfanz, Richard Barnes, John Bradley, Brian Campbell, Breno de 1409 Medeiros, Joe Hildebrand, Edmund Jay, Ben Laurie, James Manger, Matt 1410 Miller, Tony Nadalin, Axel Nennker, John Panzer, Eric Rescorla, Nat 1411 Sakimura, Jim Schaad, Paul Tarjan, Hannes Tschofenig, and Sean 1412 Turner. 1414 Jim Schaad and Karen O'Donoghue chaired the JOSE working group and 1415 Sean Turner and Stephen Farrell served as Security area directors 1416 during the creation of this specification. 1418 Appendix E. Document History 1420 [[ to be removed by the RFC Editor before publication as an RFC ]] 1422 -18 1424 o Changes to address editorial and minor issues #68, #69, #73, #74, 1425 #76, #77, #78, #79, #82, #85, #89, and #135. 1427 o Added and used Description registry fields. 1429 -17 1431 o Refined the "typ" and "cty" definitions to always be MIME Media 1432 Types, with the omission of "application/" prefixes recommended 1433 for brevity, addressing issue #50. 1435 o Added an example encrypting an RSA private key with 1436 "PBES2-HS256+A128KW" and "A128CBC-HS256". Thanks to Matt Miller 1437 for producing this! 1439 o Processing rules occurring in both JWS and JWK are now referenced 1440 in JWS by JWK, rather than duplicated, addressing issue #57. 1442 o Terms used in multiple documents are now defined in one place and 1443 incorporated by reference. Some lightly used or obvious terms 1444 were also removed. This addresses issue #58. 1446 -16 1447 o Changes to address editorial and minor issues #41, #42, #43, #47, 1448 #51, #67, #71, #76, #80, #83, #84, #85, #86, #87, and #88. 1450 -15 1452 o Changes to address editorial issues #48, #64, #65, #66, and #91. 1454 -14 1456 o Relaxed language introducing key parameters since some parameters 1457 are applicable to multiple, but not all, key types. 1459 -13 1461 o Applied spelling and grammar corrections. 1463 -12 1465 o Stated that recipients MUST either reject JWKs and JWK Sets with 1466 duplicate member names or use a JSON parser that returns only the 1467 lexically last duplicate member name. 1469 -11 1471 o Stated that when "kid" values are used within a JWK Set, different 1472 keys within the JWK Set SHOULD use distinct "kid" values. 1474 o Added optional "x5u" (X.509 URL), "x5t" (X.509 Certificate 1475 Thumbprint), and "x5c" (X.509 Certificate Chain) JWK parameters. 1477 o Added section on Encrypted JWK and Encrypted JWK Set Formats. 1479 o Added a Parameter Information Class value to the JSON Web Key 1480 Parameters registry, which registers whether the parameter conveys 1481 public or private information. 1483 o Registered "application/jwk+json" and "application/jwk-set+json" 1484 MIME types and "JWK" and "JWK-SET" typ header parameter values, 1485 addressing issue #21. 1487 -10 1489 o No changes were made, other than to the version number and date. 1491 -09 1493 o Expanded the scope of the JWK specification to include private and 1494 symmetric key representations, as specified by 1496 o Defined that members that are not understood must be ignored. 1498 -08 1500 o Changed the name of the JWK key type parameter from "alg" to "kty" 1501 to enable use of "alg" to indicate the particular algorithm that 1502 the key is intended to be used with. 1504 o Clarified statements of the form "This member is OPTIONAL" to "Use 1505 of this member is OPTIONAL". 1507 o Referenced String Comparison Rules in JWS. 1509 o Added seriesInfo information to Internet Draft references. 1511 -07 1513 o Changed the name of the JWK RSA modulus parameter from "mod" to 1514 "n" and the name of the JWK RSA exponent parameter from "xpo" to 1515 "e", so that the identifiers are the same as those used in RFC 1516 3447. 1518 -06 1520 o Changed the name of the JWK RSA exponent parameter from "exp" to 1521 "xpo" so as to allow the potential use of the name "exp" for a 1522 future extension that might define an expiration parameter for 1523 keys. (The "exp" name is already used for this purpose in the JWT 1524 specification.) 1526 o Clarify that the "alg" (algorithm family) member is REQUIRED. 1528 o Correct an instance of "JWK" that should have been "JWK Set". 1530 o Applied changes made by the RFC Editor to RFC 6749's registry 1531 language to this specification. 1533 -05 1535 o Indented artwork elements to better distinguish them from the body 1536 text. 1538 -04 1540 o Refer to the registries as the primary sources of defined values 1541 and then secondarily reference the sections defining the initial 1542 contents of the registries. 1544 o Normatively reference XML DSIG 2.0 [W3C.CR-xmldsig-core2-20120124] 1545 for its security considerations. 1547 o Added this language to Registration Templates: "This name is case 1548 sensitive. Names that match other registered names in a case 1549 insensitive manner SHOULD NOT be accepted." 1551 o Described additional open issues. 1553 o Applied editorial suggestions. 1555 -03 1557 o Clarified that "kid" values need not be unique within a JWK Set. 1559 o Moved JSON Web Key Parameters registry to the JWK specification. 1561 o Added "Collision Resistant Namespace" to the terminology section. 1563 o Changed registration requirements from RFC Required to 1564 Specification Required with Expert Review. 1566 o Added Registration Template sections for defined registries. 1568 o Added Registry Contents sections to populate registry values. 1570 o Numerous editorial improvements. 1572 -02 1574 o Simplified JWK terminology to get replace the "JWK Key Object" and 1575 "JWK Container Object" terms with simply "JSON Web Key (JWK)" and 1576 "JSON Web Key Set (JWK Set)" and to eliminate potential confusion 1577 between single keys and sets of keys. As part of this change, the 1578 top-level member name for a set of keys was changed from "jwk" to 1579 "keys". 1581 o Clarified that values with duplicate member names MUST be 1582 rejected. 1584 o Established JSON Web Key Set Parameters registry. 1586 o Explicitly listed non-goals in the introduction. 1588 o Moved algorithm-specific definitions from JWK to JWA. 1590 o Reformatted to give each member definition its own section 1591 heading. 1593 -01 1595 o Corrected the Magic Signatures reference. 1597 -00 1599 o Created the initial IETF draft based upon 1600 draft-jones-json-web-key-03 with no normative changes. 1602 Author's Address 1604 Michael B. Jones 1605 Microsoft 1607 Email: mbj@microsoft.com 1608 URI: http://self-issued.info/