- From: Dan Brickley <danbri@danbri.org>
- Date: Sun, 27 Mar 2011 11:24:04 +0200
- To: RDF WG <public-rdf-wg@w3.org>
- Message-ID: <AANLkTineZ1EDSZGX6cmRsWLmW=FLxdXVVnFN3m4eQ+1x@mail.gmail.com>
Probably of most interest to foaf-protocols / WebID folk, but passing along
here as it gives example of some parallel work happening that also encodes
in JSON notation:
http://self-issued.info/docs/draft-jones-json-web-token-03.html
"JSON Web Token (JWT) is a means of representing claims to be transferred
between two parties. The claims in a JWT are encoded as a JSON object that
is digitally signed using a JSON Web Signature (JWS) and optionally
encrypted using JSON Web Encryption (JWE)."
http://self-issued.info/docs/draft-jones-json-web-signature-01.html
"JSON Web Signature (JWS) is a means of representing signed content using
JSON data structures. Related encryption capabilities are described in the
separate JSON Web Encryption (JWE) specification."
Dan
---------- Forwarded message ----------
From: Mike Jones <Michael.Jones@microsoft.com>
Date: 26 March 2011 06:25
Subject: [woes] JSON Web Token (JWT) and JSON Web Signature (JWS) now in
separate specs
To: "oauth@ietf.org" <oauth@ietf.org>, "woes@ietf.org" <woes@ietf.org>, "
openid-specs-ab@lists.openid.net" <openid-specs-ab@lists.openid.net>
Cc: "openid-specs@lists.openid.net" <openid-specs@lists.openid.net>
As promised, I have split the contents of the JWT spec
draft-jones-json-web-token-01<http://self-issued.info/docs/draft-jones-json-web-token-01.html>into
two simpler specs:
draft-jones-json-web-token-02<http://self-issued.info/docs/draft-jones-json-web-token-02.html>
draft-jones-json-web-signature-00<http://self-issued.info/docs/draft-jones-json-web-signature-00.html>
These should have introduced no semantic changes from the previous spec.
I then applied the feedback that I received since JWT -01 and created
revised versions of the split specs:
draft-jones-json-web-token-03<http://self-issued.info/docs/draft-jones-json-web-token-03.html>
draft-jones-json-web-signature-01<http://self-issued.info/docs/draft-jones-json-web-signature-01.html>
The only breaking change introduced was that x5t (X.509 Certificate
Thumbprint) is now a SHA-1 hash of the DER-encoded certificate, rather than
a SHA-256 has, as SHA-1 is the prevailing existing practice for certificate
thumbprint calculations. See the Document History sections for details on
each change made.
.txt and .xml versions are also available. I plan to publish these as IETF
drafts once the submission window re-opens on Monday. Feedback welcome!
-- Mike
P.S. Yes, work on the companion encryption spec is now under way…
_______________________________________________
woes mailing list
woes@ietf.org
https://www.ietf.org/mailman/listinfo/woes
Received on Sunday, 27 March 2011 09:24:34 UTC