Nat,
We definitely do not have to wait until October for the WGLC if the
documents are ready before then. Now that we have the updated drafts
published, we can proceed with the next steps...
1. Verify that all the agreements from the interim meeting are properly
addressed and the issues appropriately closed.
2. Review the drafts for any final issues.
We plan to have a series of conference calls in the next few months to
specifically address this review. Jim and I are hopeful that the WGLC
for the specifications could occur in the Berlin time frame.
Regards,
Karen
On 5/28/13 10:18 PM, Nat Sakimura wrote:
Thanks Mike.
Is it correct to understand that most of the technical issues are
addressed with this draft?
If so, do we still have to wait until October for WGLC? Are we not
ready to go in June or July?
In as much as it is nice to have many features, the timing is also
very important. Some folks are not allowed to use the spec unless it
is final. I know of at least one project that falls into this category
unless we finish them by this fall or we have failed in this respect.
Please consider accelerating the process and go to WGLC much earlier
than October.
2013/5/29 Mike Jones <[email protected]
<mailto:[email protected]>>
The -11 drafts of the JSON Object Signing and Encryption (JOSE)
<http://datatracker.ietf.org/wg/jose/> specifications have been
released that incorporate the changes agreed to at the interim
working group meeting last month. Most of the changes were to the
JWS and JWE JSON Serialization representations, enabling more
flexible treatment of header parameter values. Other changes
included removing the Encrypted Key value from the JWE integrity
calculation, saying more about key identification, adding key
identification parameters to some of the examples, clarifying the
use of "kid" values in JWK Sets, enabling X.509 key
representations in JWKs, recommending protecting JWKs containing
non-public information by encrypting them with JWE, adding "alg"
values for RSASSA-PSS, registering additional MIME types, and a
number of clarifications. A corresponding -08 JSON Web Token
(JWT) spec was also released that updated the encrypted JWT
example value to track the JWE change. Hopefully this will be the
last breaking change to the encryption calculations.
The specifications are available at:
·http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-11
·http://tools.ietf.org/html/draft-ietf-jose-json-web-encryption-11
·http://tools.ietf.org/html/draft-ietf-jose-json-web-key-11
·http://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-11
·http://tools.ietf.org/html/draft-ietf-oauth-json-web-token-08
HTML formatted versions are available at:
·http://self-issued.info/docs/draft-ietf-jose-json-web-signature-11.html
·http://self-issued.info/docs/draft-ietf-jose-json-web-encryption-11.html
·http://self-issued.info/docs/draft-ietf-jose-json-web-key-11.html
·http://self-issued.info/docs/draft-ietf-jose-json-web-algorithms-11.html
·http://self-issued.info/docs/draft-ietf-oauth-json-web-token-08.html
-- Mike
P.S. This announcement was also posted at
http://self-issued.info/?p=1031 <http://self-issued.info/?p=1031>.
_______________________________________________
jose mailing list
[email protected] <mailto:[email protected]>
https://www.ietf.org/mailman/listinfo/jose
--
Nat Sakimura (=nat)
Chairman, OpenID Foundation
http://nat.sakimura.org/
@_nat_en
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
_______________________________________________
jose mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/jose
