JSON Crypto Specs Draft -02: JWS, JWE, JWK, JWA and JSON Web Token (JWT) Draft -10
JSON Crypto Specs Draft -02: JWS, JWE, JWK, JWA and JSON Web Token (JWT) Draft -10 New -02 versions of the JSON Object Signing and Encryption (JOSE) specifications are now available that incorporate working group decisions made since the previous versions, including decisions made at IETF 83 in Paris and in follow-up discussions on the...
JSON Web Token (JWT) Specification Draft -09
Draft 09 of the JSON Web Token (JWT) specification has been published. It contains this change:
Changed “http://openid.net/specs/jwt/1.0″ to “urn:ietf:params:oauth:token-type:jwt” in preparation for OAuth WG draft.
This speci...
OAuth 2.0 JWT Bearer Token Profiles Specification Draft -04
Draft 04 of the OAuth 2.0 JWT Bearer Token Profiles Specification has been published. This version tracks changes in the OAuth 2.0 Assertion Profile and SAML 2.0 Bearer Assertion Profiles for OAuth 2.0 specifications made in response to working group last call comments, as announced by Brian Campbell. Changes made were: Merged in changes between...
OAuth 2.0 Bearer Token Specification Draft -19
Draft 19 of the OAuth 2.0 Bearer Token Specification has been published. It addresses DISCUSS issues and COMMENTs raised for which resolutions have been agreed to. No normative changes were made. Changes made were: Use ABNF from RFC 5234. Added sentence “The Bearer authentication scheme is intended primarily for server authentication using the WWW-Authenticate and...
OpenID Connect has won the 2012 European Identity Award
I’m thrilled to report that OpenID Connect has won the 2012 European Identity Award for Best Innovation/New Standard. I appreciate the recognition of what we’ve achieved to date with OpenID Connect and its potential to significantly change digital identity for the better. As Dave Kearns wrote in the OpenID Foundation announcement about the award: I’m...
April 10, 2012 OpenID Connect Update Release
The OpenID Connect working group has released an update to the OpenID Connect specifications that continues incorporating significant developer feedback received, while maintaining as much compatibility with the implementer’s drafts as possible. The Connect specs have also been updated to track updates to the OAuth and JOSE specs, which they use. The primary normative changes...
JSON Web Token (JWT) Specification Draft -08
Draft 08 of the JSON Web Token (JWT) specification has been published. It uses the -01 versions of the JOSE specifications and also contains these changes: Removed language that required that a JWT must have three parts. Now the number of parts is explicitly dependent upon the representation of the underlying JWS or JWE. Moved...
Draft -01 of JSON Crypto Specs: JWS, JWE, JWK, JWA, JWS-JS, JWE-JS
New versions of the IETF JSON Object Signing and Encryption (JOSE) specifications are now available that incorporate working group feedback since publication of the initial versions. They are: JSON Web Signature (JWS) – Digital signature/HMAC specification JSON Web Encryption (JWE) – Encryption specification JSON Web Key (JWK) – Public key specification JSON Web Algorithms (JWA)...
OAuth 2.0 Bearer Token Specification Draft -18
Draft 18 of the OAuth 2.0 Bearer Token Specification has been published. It contains the following changes:
Changed example bearer token value from vF9dft4qmT to mF_9.B5f-4.1JqM.
Added example access token response returning a Bearer token.
The draf...
JSON Serializations for JWS and JWE
Participants in the JOSE working group have described use cases where a JSON top-level representation of digitally signed, HMAC’ed, or encrypted content is desirable. They have also described use cases where multiple digital signatures and/or HMACs need to applied to the same message and where the same plaintext needs to be encrypted to multiple recipients....
OAuth 2.0 Bearer Token Specification Draft -17
Draft 17 of the OAuth 2.0 Bearer Token Specification has been published. This version changes the RFCs referenced for certificate chain verification. The wording was proposed by Alexey Melnikov as part of the Gen-ART review. It contains the following changes: Restore RFC 2818 reference for server identity verification and add RFC 5280 reference for certificate...
OpenID Connect Interop in Progress
The Third OpenID Connect Interop is currently under way – this time based upon approved Implementer’s Drafts. Currently 7 implementations are being tested, with I believe more to be added. The interop is designed to enable people to test the implementations they’ve built against other implementations and verify that specific features that they’ve built are...
