Technical Summary
This document, JSON Web Signature (JWS), represents content secured with digital
signatures or Message Authentication Codes (MACs) using JavaScript Object
Notation (JSON) based data structures. Two serializations for JWS objects are
defined, a compact, URL-safe representation and a JSON serialization.
Working Group Summary
The document has clear working group consensus for publication, and has been
reviewed by several WG participants since its initial adoption as a working group
item.
Document Quality
This document has been reviewed and revised many times. There are multiple
implementations of this document. Some of these are listed at:
https://openid.net/developers/libraries/ (see the JWT/JWS/JWE/JWK/JWA
Implementations section).
There was much discussion on this draft in last call and while most of the discussions
were resolved, there is a discussion continuing for the duplicate member name text.
The current text aligns with WG consensus prior to IETF last call and was split between
those commenting (implementation vs. possibly 'doing the right thing').
http://www.ietf.org/mail-archive/web/secdir/current/msg05105.html
Personnel
Karen O'Donoghue is acting as the Document Shepherd. Kathleen Moriarty is the
Responsible Area Director.
IANA Note
'The registries use the 5226 'Specification Required'
registration policy.'
RFC Editor Note:
This draft is part of a set of drafts that cross 2 working groups. I am
working through the reviews (shepherd just confirmed them for the OAuth
ones) and would like them processed as a set. The JOSE drafts will
hopefully be ready shortly as well. The set includes (in order):
1 draft-ietf-jose-json-web-signature
2 draft-ietf-jose-json-web-encryption
3 draft-ietf-jose-json-web-key
4 draft-ietf-jose-json-web-algorithms
5 draft-ietf-oauth-json-web-token
6 draft-ietf-jose-cookbook
7 draft-ietf-oauth-assertions
8 draft-ietf-oauth-saml2-bearer
9 draft-ietf-oauth-jwt-bearer