JSON Serialization Specifications: JWS JSON Serialization, JWE JSON Serialization
Mike Jones
November 7, 2012

JSON Serialization Goals
• JSON representation for JWS, JWE values
• Support multiple signatures/recipients
• Use identical crypto operations as compact (dot-separated) serializations

Design Methodology
• Use JSON members for each JWS/JWE element
  – (instead of separating them with ‘.’ characters)
• Use single JSON values for elements common to multiple signatures/recipients
  – JWS Payload
  – JWE Initialization Vector
  – JWE Ciphertext
• Use JSON arrays for elements specific to each signature/recipient
  – JWS Header, JWS Signature
  – JWE Header, JWE Encrypted Key, JWE Integrity Value

Changes since IETF 84
• Now uses array of structures for per-recipient values, rather than set of parallel arrays
  – WG requested to make structure more apparent
• Initialization Vector now shared by all recipients, rather than being duplicated in each header
  – Space savings (primarily for compact serialization)

Headers from Example JWS-JS
{"alg": "RS256"}
{"alg": "ES256"}

Example JWS-JS
{"recipients": [
  {"header": "eyJhbGciOiJSUzI1NiJ9",
   "signature": "cC4hiUPoj9Eetdgtv3hF80EGrhuB__dzERat0XF9g2VtQgr9PJbu3XOiZj5RZmh7AAuHIm4Bh-0Qc_lF5YKt_O8W2Fp5jujGbds9uJdbF9CUAr7t1dnZcAcQjbKBYNX4BAynRFdiuB--f_nZLgrnbyTyWzO75vRK5h6xBArLIARNPvkSjtQBMHlb1L07Qe7K0GarZRmB_eSN9383LcOLn6_dO--xi12jzDwusC-eOkHWEsqtFZESc6BfI7noOPqvhJ1phCnvWh6IeYI2w9QOYEUipUTI8np6LbgGY9Fs98rqVt5AXLIhWkWywlVmtVrBp0igcN_IoypGlUPQGe77Rw"},
  {"header": "eyJhbGciOiJFUzI1NiJ9",
   "signature": "DtEhU3ljbEg8L38VWAfUAqOyKAM6-Xx-F4GawxaepmXFCgfTjDxw5djxLa8ISlSApmWQxfKTUJqPP3-Kg6NU1Q"}],
 "payload": "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ"
}
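The mapping between the JWS-JS structure above and the compact (dot-separated) serialization, as an added example that is not part of the original slides. The function names are hypothetical, the headers and payload are the slide's values, and the two signature strings are constructed placeholders.

```python
import base64
import json

def b64url_decode(s):
    """Decode unpadded base64url, the encoding of every JWS-JS member value."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def header_algs(jws_js):
    """Return the 'alg' value from each per-signature header."""
    return [json.loads(b64url_decode(e["header"]))["alg"]
            for e in jws_js["recipients"]]

def to_compact(jws_js):
    """Expand a JWS-JS object into one compact JWS per signature.

    Each signature covers header + "." + payload, the same signing input
    as the compact form, so the values are reused without re-signing.
    """
    payload = jws_js["payload"]
    return [".".join((e["header"], payload, e["signature"]))
            for e in jws_js["recipients"]]

def from_compact(tokens):
    """Merge compact JWSs over one payload into a single JWS-JS object."""
    parts = [t.split(".") for t in tokens]
    if not parts or any(len(p) != 3 for p in parts):
        raise ValueError("each compact JWS needs exactly three parts")
    payloads = {p[1] for p in parts}
    if len(payloads) != 1:
        # The payload is a single shared member, so signatures over
        # different payloads cannot be carried in one object.
        raise ValueError("signatures cover different payloads")
    return {
        "recipients": [{"header": h, "signature": s} for h, _, s in parts],
        "payload": payloads.pop(),
    }

# Headers and payload from the slide; signatures are constructed placeholders.
EXAMPLE = {
    "recipients": [
        {"header": "eyJhbGciOiJSUzI1NiJ9", "signature": "c2lnLVJTMjU2"},
        {"header": "eyJhbGciOiJFUzI1NiJ9", "signature": "c2lnLUVTMjU2"},
    ],
    "payload": "eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ",
}

if __name__ == "__main__":
    for token in to_compact(EXAMPLE):
        print(token)
```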

Headers from Example JWE-JS
{"alg": "RSA1_5", "enc": "A128CBC+HS256"}
{"alg": "RSA-OAEP", "enc": "A128CBC+HS256"}

Example JWE-JS
{"recipients": [
  {"header": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDK0hTMjU2In0",
   "encrypted_key": "O6AqXqgVlJJ4c4lp5sXZd7bpGHAw6ARkHUeXQxD1cAW4-X1x0qtj_AN0mukqEOl4Y6UOwJXIJY9-G1ELK-RQWrKH_StR-AM9H7GpKmSEji8QYOcMOjr-u9H1Lt_pBEieG802SxWz0rbFTXRcj4BWLxcpCtjUZ31AP-sc-L_eCZ5UNl0aSRNqFskuPkzRsFZRDJqSSJeVOyJ7pZCQ83fli19Vgi_3R7XMUqluQuuc7ZHOWixi47jXlBTlWRZ5iFxaS8G6J8wUrd4BKggAw3qX5XoIfXQVlQZE0Vmkq_zQSIo5LnFKyowooRcdsEuNh9B9Mkyt0ZQElG-jGdtHWjZSOA",
   "integrity_value": "RBGhYzE8_cZLHjJqqHuLhzbgWgL_wV3LDSUrcbkOiIA"},
  {"header": "eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkExMjhDQkMrSFMyNTYifQ",
   "encrypted_key": "myoFYZHErXG4gMVWl9UrFOCFIwvOUudYrxTsRsOt6maTc3W8G1FqGVOIBSZveBdZz2LqS42xta5OXEwLYaocObUxtfH9H8vMsjO-mBo7U9mp_PkS9PqVJMkeEePLhzNLH0ecq7nYT6AFr5sSt4WMOPjSwHVQWtx43fZt4HvYaE_vgeSrxdi8KAbxbLzK_-qcYT6H7cwOMZrT6SFcXgLXESuKpF0azSGQtUmo0MLICP0YPBecGLToPiveOH2awKZx0FkzPwi4JmOIvnAJ_wVQQJDVELwO9SIoF8olCQRHGyZ9rzDrrGRkoYgm2jVz-x0BuFVQFa4ZNufudtiT8pQxKg",
   "integrity_value": "i45dXWFjRKk805VtjIw_8iqGq1r9qPV7ULDLbnNAC_Q"}],
 "initialization_vector": "AxY8DCtDaGlsbGljb3RoZQ",
 "ciphertext": "1eBWFgcrz40wC88cgv8rPgu3EfmC1p4zT0kIxxfSF2zDJcQ-iEHk1jQM95xAdr5Z"
}

Request for WG Draft Status
• Request WG decision to adopt JSON Serialization specs as WG documents
  – To meet needs of use cases requiring multiple signatures/recipients
• Documents:
  – JSON Web Signature JSON Serialization (JWS-JS)
    • draft-jones-jose-jws-json-serialization
  – JSON Web Encryption JSON Serialization (JWE-JS)
    • draft-jones-jose-jwe-json-serialization