draft-ietf-jose-json-web-algorithms-24.txt   draft-ietf-jose-json-web-algorithms-25.txt 
JOSE Working Group M. Jones JOSE Working Group M. Jones
Internet-Draft Microsoft Internet-Draft Microsoft
Intended status: Standards Track March 18, 2014 Intended status: Standards Track March 31, 2014
Expires: September 19, 2014 Expires: October 2, 2014
JSON Web Algorithms (JWA) JSON Web Algorithms (JWA)
draft-ietf-jose-json-web-algorithms-24 draft-ietf-jose-json-web-algorithms-25
Abstract Abstract
The JSON Web Algorithms (JWA) specification registers cryptographic The JSON Web Algorithms (JWA) specification registers cryptographic
algorithms and identifiers to be used with the JSON Web Signature algorithms and identifiers to be used with the JSON Web Signature
(JWS), JSON Web Encryption (JWE), and JSON Web Key (JWK) (JWS), JSON Web Encryption (JWE), and JSON Web Key (JWK)
specifications. It defines several IANA registries for these specifications. It defines several IANA registries for these
identifiers. identifiers.
Status of this Memo Status of this Memo
skipping to change at page 1, line 34 skipping to change at page 1, line 34
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 19, 2014. This Internet-Draft will expire on October 2, 2014.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 24, line 50 skipping to change at page 24, line 50
input key K as in Step 1 of Section 5.2.2.1. input key K as in Step 1 of Section 5.2.2.1.
2. The integrity and authenticity of A and E are checked by 2. The integrity and authenticity of A and E are checked by
computing an HMAC with the inputs as in Step 5 of computing an HMAC with the inputs as in Step 5 of
Section 5.2.2.1. The value T, from the previous step, is Section 5.2.2.1. The value T, from the previous step, is
compared to the first MAC_KEY length bits of the HMAC output. If compared to the first MAC_KEY length bits of the HMAC output. If
those values are identical, then A and E are considered valid, those values are identical, then A and E are considered valid,
and processing is continued. Otherwise, all of the data used in and processing is continued. Otherwise, all of the data used in
the MAC validation are discarded, and the AEAD decryption the MAC validation are discarded, and the AEAD decryption
operation returns an indication that it failed, and the operation operation returns an indication that it failed, and the operation
halts. (But see Section 10 of [JWE] for security considerations halts. (But see Section 11 of [JWE] for security considerations
on thwarting timing attacks.) on thwarting timing attacks.)
3. The value E is decrypted and the PKCS #5 padding is removed. The 3. The value E is decrypted and the PKCS #5 padding is removed. The
value IV is used as the initialization vector. The value ENC_KEY value IV is used as the initialization vector. The value ENC_KEY
is used as the decryption key. is used as the decryption key.
4. The plaintext value is returned. 4. The plaintext value is returned.
5.2.3. AES_128_CBC_HMAC_SHA_256 5.2.3. AES_128_CBC_HMAC_SHA_256
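Review bot: the corrected pointer in step 2, "Section 11 of [JWE]", is still a bare section number in a separate draft, which is the kind of reference that just went stale between -24 and -25. Consider citing the target section by its title as well as its number, so the reference stays resolvable if [JWE] is renumbered again. Also in step 2, the text compares T with the HMAC output and continues "If those values are identical", but it leaves the timing-safe handling of that comparison and of the failure path entirely to the external reference. A short inline statement that the comparison and the failure indication must not reveal timing differences would keep the decryption steps self-contained.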
skipping to change at page 64, line 27 skipping to change at page 64, line 27
Nat Sakimura, Jim Schaad, Hannes Tschofenig, and Sean Turner. Nat Sakimura, Jim Schaad, Hannes Tschofenig, and Sean Turner.
Jim Schaad and Karen O'Donoghue chaired the JOSE working group and Jim Schaad and Karen O'Donoghue chaired the JOSE working group and
Sean Turner and Stephen Farrell served as Security area directors Sean Turner and Stephen Farrell served as Security area directors
during the creation of this specification. during the creation of this specification.
Appendix E. Document History Appendix E. Document History
[[ to be removed by the RFC Editor before publication as an RFC ]] [[ to be removed by the RFC Editor before publication as an RFC ]]
-25
o Corrected an external section number reference that had changed.
-24 -24
o Replaced uses of the term "associated data" wherever it was used o Replaced uses of the term "associated data" wherever it was used
to refer to a data value with "additional authenticated data", to refer to a data value with "additional authenticated data",
since both terms were being used as synonyms, causing confusion. since both terms were being used as synonyms, causing confusion.
o Updated the JSON reference to RFC 7159. o Updated the JSON reference to RFC 7159.
-23 -23
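Review bot: the new -25 history entry, "Corrected an external section number reference that had changed", does not say which reference or which document was affected. Naming it (the [JWE] security-considerations pointer in the AES_CBC_HMAC_SHA2 decryption steps, changed from Section 10 to Section 11) would let a reader of the history locate the change without running a diff, in the same way the -24 entries name the specific term and reference they touched.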
 End of changes. 5 change blocks. 
5 lines changed or deleted 9 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/