Oops – the Encoded JWE Header value for the second recipient is correct –
decoding to {"alg":"A128KW","enc":"A128CBC-HS256"}. But I’d failed to update
the unencoded header text when I updated the example. Thanks for pointing this
out, Nov. I’ll put it in my to-do list.
-- Mike
From: nov matake [mailto:[email protected]]
Sent: Friday, April 26, 2013 1:49 AM
To: Mike Jones
Cc: [email protected]
Subject: Re: [jose] Draft -10 of the JOSE Specifications
Hi Mike,
The 2nd recipient described in Section 7.1 uses RSA-OAEP for key encryption,
but the encrypted key value seems to be encrypted using A128KW.
Isn't it?
On Apr 26, 2013, at 5:24 PM, Mike Jones
<[email protected]<mailto:[email protected]>> wrote:
Based upon working group feedback on the -09 drafts, I’ve released an update to
the JSON Object Signing and Encryption (JOSE) specifications that changes the
processing rules for JWEs encrypted to multiple recipients. The new processing
rules enable using AES GCM for multiple-recipient JWE objects. This update
makes no changes to the single-recipient case.
The updated specification versions are:
• http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-10
• http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-10
• http://tools.ietf.org/html/draft-ietf-jose-json-web-key-10
• http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-10
HTML formatted versions are also available at:
• http://self-issued.info/docs/draft-ietf-jose-json-web-signature-10.html
•
http://self-issued.info/docs/draft-ietf-jose-json-web-encryption-10.html
• http://self-issued.info/docs/draft-ietf-jose-json-web-key-10.html
•
http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-10.html
-- Mike
P.S. Also posted at http://self-issued.info/?p=1012.
_______________________________________________
jose mailing list
[email protected]<mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
