GENWiki

Premier IT Outsourcing and Support Services within the UK

User Tools

Site Tools


rfc:rfc7517

Internet Engineering Task Force (IETF) M. Jones Request for Comments: 7517 Microsoft Category: Standards Track May 2015 ISSN: 2070-1721

                         JSON Web Key (JWK)

Abstract

 A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) data
 structure that represents a cryptographic key.  This specification
 also defines a JWK Set JSON data structure that represents a set of
 JWKs.  Cryptographic algorithms and identifiers for use with this
 specification are described in the separate JSON Web Algorithms (JWA)
 specification and IANA registries established by that specification.

Status of This Memo

 This is an Internet Standards Track document.
 This document is a product of the Internet Engineering Task Force
 (IETF).  It represents the consensus of the IETF community.  It has
 received public review and has been approved for publication by the
 Internet Engineering Steering Group (IESG).  Further information on
 Internet Standards is available in Section 2 of RFC 5741.
 Information about the current status of this document, any errata,
 and how to provide feedback on it may be obtained at
 http://www.rfc-editor.org/info/rfc7517.

Copyright Notice

 Copyright (c) 2015 IETF Trust and the persons identified as the
 document authors.  All rights reserved.
 This document is subject to BCP 78 and the IETF Trust's Legal
 Provisions Relating to IETF Documents
 (http://trustee.ietf.org/license-info) in effect on the date of
 publication of this document.  Please review these documents
 carefully, as they describe your rights and restrictions with respect
 to this document.  Code Components extracted from this document must
 include Simplified BSD License text as described in Section 4.e of
 the Trust Legal Provisions and are provided without warranty as
 described in the Simplified BSD License.

Jones Standards Track [Page 1] RFC 7517 JSON Web Key (JWK) May 2015

Table of Contents

 1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
   1.1.  Notational Conventions  . . . . . . . . . . . . . . . . .   3
 2.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   4
 3.  Example JWK . . . . . . . . . . . . . . . . . . . . . . . . .   5
 4.  JSON Web Key (JWK) Format . . . . . . . . . . . . . . . . . .   5
   4.1.  "kty" (Key Type) Parameter  . . . . . . . . . . . . . . .   6
   4.2.  "use" (Public Key Use) Parameter  . . . . . . . . . . . .   6
   4.3.  "key_ops" (Key Operations) Parameter  . . . . . . . . . .   7
   4.4.  "alg" (Algorithm) Parameter . . . . . . . . . . . . . . .   8
   4.5.  "kid" (Key ID) Parameter  . . . . . . . . . . . . . . . .   8
   4.6.  "x5u" (X.509 URL) Parameter . . . . . . . . . . . . . . .   8
   4.7.  "x5c" (X.509 Certificate Chain) Parameter . . . . . . . .   9
   4.8.  "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter  . .   9
   4.9.  "x5t#S256" (X.509 Certificate SHA-256 Thumbprint)
         Parameter . . . . . . . . . . . . . . . . . . . . . . . .  10
 5.  JWK Set Format  . . . . . . . . . . . . . . . . . . . . . . .  10
   5.1.  "keys" Parameter  . . . . . . . . . . . . . . . . . . . .  10
 6.  String Comparison Rules . . . . . . . . . . . . . . . . . . .  11
 7.  Encrypted JWK and Encrypted JWK Set Formats . . . . . . . . .  11
 8.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  11
   8.1.  JSON Web Key Parameters Registry  . . . . . . . . . . . .  12
     8.1.1.  Registration Template . . . . . . . . . . . . . . . .  12
     8.1.2.  Initial Registry Contents . . . . . . . . . . . . . .  13
   8.2.  JSON Web Key Use Registry . . . . . . . . . . . . . . . .  15
     8.2.1.  Registration Template . . . . . . . . . . . . . . . .  15
     8.2.2.  Initial Registry Contents . . . . . . . . . . . . . .  15
   8.3.  JSON Web Key Operations Registry  . . . . . . . . . . . .  16
     8.3.1.  Registration Template . . . . . . . . . . . . . . . .  16
     8.3.2.  Initial Registry Contents . . . . . . . . . . . . . .  16
   8.4.  JSON Web Key Set Parameters Registry  . . . . . . . . . .  17
     8.4.1.  Registration Template . . . . . . . . . . . . . . . .  17
     8.4.2.  Initial Registry Contents . . . . . . . . . . . . . .  18
   8.5.  Media Type Registration . . . . . . . . . . . . . . . . .  18
     8.5.1.  Registry Contents . . . . . . . . . . . . . . . . . .  18
 9.  Security Considerations . . . . . . . . . . . . . . . . . . .  19
   9.1.  Key Provenance and Trust  . . . . . . . . . . . . . . . .  20
   9.2.  Preventing Disclosure of Non-public Key Information . . .  20
   9.3.  RSA Private Key Representations and Blinding  . . . . . .  21
   9.4.  Key Entropy and Random Values . . . . . . . . . . . . . .  21
 10. References  . . . . . . . . . . . . . . . . . . . . . . . . .  21
   10.1.  Normative References . . . . . . . . . . . . . . . . . .  21
   10.2.  Informative References . . . . . . . . . . . . . . . . .  23
 Appendix A.  Example JSON Web Key Sets  . . . . . . . . . . . . .  25
   A.1.  Example Public Keys . . . . . . . . . . . . . . . . . . .  25
   A.2.  Example Private Keys  . . . . . . . . . . . . . . . . . .  25
   A.3.  Example Symmetric Keys  . . . . . . . . . . . . . . . . .  27

Jones Standards Track [Page 2] RFC 7517 JSON Web Key (JWK) May 2015

 Appendix B.  Example Use of "x5c" (X.509 Certificate Chain)
              Parameter  . . . . . . . . . . . . . . . . . . . . .  28
 Appendix C.  Example Encrypted RSA Private Key  . . . . . . . . .  28
   C.1.  Plaintext RSA Private Key . . . . . . . . . . . . . . . .  29
   C.2.  JOSE Header . . . . . . . . . . . . . . . . . . . . . . .  32
   C.3.  Content Encryption Key (CEK)  . . . . . . . . . . . . . .  32
   C.4.  Key Derivation  . . . . . . . . . . . . . . . . . . . . .  33
   C.5.  Key Encryption  . . . . . . . . . . . . . . . . . . . . .  33
   C.6.  Initialization Vector . . . . . . . . . . . . . . . . . .  33
   C.7.  Additional Authenticated Data . . . . . . . . . . . . . .  34
   C.8.  Content Encryption  . . . . . . . . . . . . . . . . . . .  34
   C.9.  Complete Representation . . . . . . . . . . . . . . . . .  38
 Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .  40
 Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .  40

1. Introduction

 A JSON Web Key (JWK) is a JavaScript Object Notation (JSON) [RFC7159]
 data structure that represents a cryptographic key.  This
 specification also defines a JWK Set JSON data structure that
 represents a set of JWKs.  Cryptographic algorithms and identifiers
 for use with this specification are described in the separate JSON
 Web Algorithms (JWA) [JWA] specification and IANA registries
 established by that specification.
 Goals for this specification do not include representing new kinds of
 certificate chains, representing new kinds of certified keys, or
 replacing X.509 certificates.
 JWKs and JWK Sets are used in the JSON Web Signature [JWS] and JSON
 Web Encryption [JWE] specifications.
 Names defined by this specification are short because a core goal is
 for the resulting representations to be compact.

1.1. Notational Conventions

 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
 "OPTIONAL" in this document are to be interpreted as described in
 "Key words for use in RFCs to Indicate Requirement Levels" [RFC2119].
 The interpretation should only be applied when the terms appear in
 all capital letters.
 BASE64URL(OCTETS) denotes the base64url encoding of OCTETS, per
 Section 2 of [JWS].

Jones Standards Track [Page 3] RFC 7517 JSON Web Key (JWK) May 2015

 UTF8(STRING) denotes the octets of the UTF-8 [RFC3629] representation
 of STRING, where STRING is a sequence of zero or more Unicode
 [UNICODE] characters.
 ASCII(STRING) denotes the octets of the ASCII [RFC20] representation
 of STRING, where STRING is a sequence of zero or more ASCII
 characters.
 The concatenation of two values A and B is denoted as A || B.

2. Terminology

 The terms "JSON Web Signature (JWS)", "Base64url Encoding",
 "Collision-Resistant Name", "Header Parameter", and "JOSE Header" are
 defined by the JWS specification [JWS].
 The terms "JSON Web Encryption (JWE)", "Additional Authenticated Data
 (AAD)", "JWE Authentication Tag", "JWE Ciphertext", "JWE Compact
 Serialization", "JWE Encrypted Key", "JWE Initialization Vector", and
 "JWE Protected Header" are defined by the JWE specification [JWE].
 The terms "Ciphertext", "Digital Signature", "Message Authentication
 Code (MAC)", and "Plaintext" are defined by the "Internet Security
 Glossary, Version 2" [RFC4949].
 These terms are defined by this specification:
 JSON Web Key (JWK)
    A JSON object that represents a cryptographic key.  The members of
    the object represent properties of the key, including its value.
 JWK Set
    A JSON object that represents a set of JWKs.  The JSON object MUST
    have a "keys" member, which is an array of JWKs.

Jones Standards Track [Page 4] RFC 7517 JSON Web Key (JWK) May 2015

3. Example JWK

 This section provides an example of a JWK.  The following example JWK
 declares that the key is an Elliptic Curve [DSS] key, it is used with
 the P-256 Elliptic Curve, and its x and y coordinates are the
 base64url-encoded values shown.  A key identifier is also provided
 for the key.
   {"kty":"EC",
    "crv":"P-256",
    "x":"f83OJ3D2xF1Bg8vub9tLe1gHMzV76e8Tus9uPHvRVEU",
    "y":"x_FEzRu9m36HLN_tue659LNpXW6pCyStikYjKIWI5a0",
    "kid":"Public key used in JWS spec Appendix A.3 example"
   }
 Additional example JWK values can be found in Appendix A.

4. JSON Web Key (JWK) Format

 A JWK is a JSON object that represents a cryptographic key.  The
 members of the object represent properties of the key, including its
 value.  This JSON object MAY contain whitespace and/or line breaks
 before or after any JSON values or structural characters, in
 accordance with Section 2 of RFC 7159 [RFC7159].  This document
 defines the key parameters that are not algorithm specific and, thus,
 common to many keys.
 In addition to the common parameters, each JWK will have members that
 are key type specific.  These members represent the parameters of the
 key.  Section 6 of the JSON Web Algorithms (JWA) [JWA] specification
 defines multiple kinds of cryptographic keys and their associated
 members.
 The member names within a JWK MUST be unique; JWK parsers MUST either
 reject JWKs with duplicate member names or use a JSON parser that
 returns only the lexically last duplicate member name, as specified
 in Section 15.12 (The JSON Object) of ECMAScript 5.1 [ECMAScript].
 Additional members can be present in the JWK; if not understood by
 implementations encountering them, they MUST be ignored.  Member
 names used for representing key parameters for different keys types
 need not be distinct.  Any new member name should either be
 registered in the IANA "JSON Web Key Parameters" registry established
 by Section 8.1 or be a value that contains a Collision-Resistant
 Name.

Jones Standards Track [Page 5] RFC 7517 JSON Web Key (JWK) May 2015

4.1. "kty" (Key Type) Parameter

 The "kty" (key type) parameter identifies the cryptographic algorithm
 family used with the key, such as "RSA" or "EC".  "kty" values should
 either be registered in the IANA "JSON Web Key Types" registry
 established by [JWA] or be a value that contains a Collision-
 Resistant Name.  The "kty" value is a case-sensitive string.  This
 member MUST be present in a JWK.
 A list of defined "kty" values can be found in the IANA "JSON Web Key
 Types" registry established by [JWA]; the initial contents of this
 registry are the values defined in Section 6.1 of [JWA].
 The key type definitions include specification of the members to be
 used for those key types.  Members used with specific "kty" values
 can be found in the IANA "JSON Web Key Parameters" registry
 established by Section 8.1.

4.2. "use" (Public Key Use) Parameter

 The "use" (public key use) parameter identifies the intended use of
 the public key.  The "use" parameter is employed to indicate whether
 a public key is used for encrypting data or verifying the signature
 on data.
 Values defined by this specification are:
 o  "sig" (signature)
 o  "enc" (encryption)
 Other values MAY be used.  The "use" value is a case-sensitive
 string.  Use of the "use" member is OPTIONAL, unless the application
 requires its presence.
 When a key is used to wrap another key and a public key use
 designation for the first key is desired, the "enc" (encryption) key
 use value is used, since key wrapping is a kind of encryption.  The
 "enc" value is also to be used for public keys used for key agreement
 operations.
 Additional "use" (public key use) values can be registered in the
 IANA "JSON Web Key Use" registry established by Section 8.2.
 Registering any extension values used is highly recommended when this
 specification is used in open environments, in which multiple
 organizations need to have a common understanding of any extensions
 used.  However, unregistered extension values can be used in closed
 environments, in which the producing and consuming organization will
 always be the same.

Jones Standards Track [Page 6] RFC 7517 JSON Web Key (JWK) May 2015

4.3. "key_ops" (Key Operations) Parameter

 The "key_ops" (key operations) parameter identifies the operation(s)
 for which the key is intended to be used.  The "key_ops" parameter is
 intended for use cases in which public, private, or symmetric keys
 may be present.
 Its value is an array of key operation values.  Values defined by
 this specification are:
 o  "sign" (compute digital signature or MAC)
 o  "verify" (verify digital signature or MAC)
 o  "encrypt" (encrypt content)
 o  "decrypt" (decrypt content and validate decryption, if applicable)
 o  "wrapKey" (encrypt key)
 o  "unwrapKey" (decrypt key and validate decryption, if applicable)
 o  "deriveKey" (derive key)
 o  "deriveBits" (derive bits not to be used as a key)
 (Note that the "key_ops" values intentionally match the "KeyUsage"
 values defined in the Web Cryptography API
 [W3C.CR-WebCryptoAPI-20141211] specification.)
 Other values MAY be used.  The key operation values are case-
 sensitive strings.  Duplicate key operation values MUST NOT be
 present in the array.  Use of the "key_ops" member is OPTIONAL,
 unless the application requires its presence.
 Multiple unrelated key operations SHOULD NOT be specified for a key
 because of the potential vulnerabilities associated with using the
 same key with multiple algorithms.  Thus, the combinations "sign"
 with "verify", "encrypt" with "decrypt", and "wrapKey" with
 "unwrapKey" are permitted, but other combinations SHOULD NOT be used.
 Additional "key_ops" (key operations) values can be registered in the
 IANA "JSON Web Key Operations" registry established by Section 8.3.
 The same considerations about registering extension values apply to
 the "key_ops" member as do for the "use" member.
 The "use" and "key_ops" JWK members SHOULD NOT be used together;
 however, if both are used, the information they convey MUST be
 consistent.  Applications should specify which of these members they
 use, if either is to be used by the application.

Jones Standards Track [Page 7] RFC 7517 JSON Web Key (JWK) May 2015

4.4. "alg" (Algorithm) Parameter

 The "alg" (algorithm) parameter identifies the algorithm intended for
 use with the key.  The values used should either be registered in the
 IANA "JSON Web Signature and Encryption Algorithms" registry
 established by [JWA] or be a value that contains a Collision-
 Resistant Name.  The "alg" value is a case-sensitive ASCII string.
 Use of this member is OPTIONAL.

4.5. "kid" (Key ID) Parameter

 The "kid" (key ID) parameter is used to match a specific key.  This
 is used, for instance, to choose among a set of keys within a JWK Set
 during key rollover.  The structure of the "kid" value is
 unspecified.  When "kid" values are used within a JWK Set, different
 keys within the JWK Set SHOULD use distinct "kid" values.  (One
 example in which different keys might use the same "kid" value is if
 they have different "kty" (key type) values but are considered to be
 equivalent alternatives by the application using them.)  The "kid"
 value is a case-sensitive string.  Use of this member is OPTIONAL.
 When used with JWS or JWE, the "kid" value is used to match a JWS or
 JWE "kid" Header Parameter value.

4.6. "x5u" (X.509 URL) Parameter

 The "x5u" (X.509 URL) parameter is a URI [RFC3986] that refers to a
 resource for an X.509 public key certificate or certificate chain
 [RFC5280].  The identified resource MUST provide a representation of
 the certificate or certificate chain that conforms to RFC 5280
 [RFC5280] in PEM-encoded form, with each certificate delimited as
 specified in Section 6.1 of RFC 4945 [RFC4945].  The key in the first
 certificate MUST match the public key represented by other members of
 the JWK.  The protocol used to acquire the resource MUST provide
 integrity protection; an HTTP GET request to retrieve the certificate
 MUST use TLS [RFC2818] [RFC5246]; the identity of the server MUST be
 validated, as per Section 6 of RFC 6125 [RFC6125].  Use of this
 member is OPTIONAL.
 While there is no requirement that optional JWK members providing key
 usage, algorithm, or other information be present when the "x5u"
 member is used, doing so may improve interoperability for
 applications that do not handle PKIX certificates [RFC5280].  If
 other members are present, the contents of those members MUST be
 semantically consistent with the related fields in the first
 certificate.  For instance, if the "use" member is present, then it
 MUST correspond to the usage that is specified in the certificate,

Jones Standards Track [Page 8] RFC 7517 JSON Web Key (JWK) May 2015

 when it includes this information.  Similarly, if the "alg" member is
 present, it MUST correspond to the algorithm specified in the
 certificate.

4.7. "x5c" (X.509 Certificate Chain) Parameter

 The "x5c" (X.509 certificate chain) parameter contains a chain of one
 or more PKIX certificates [RFC5280].  The certificate chain is
 represented as a JSON array of certificate value strings.  Each
 string in the array is a base64-encoded (Section 4 of [RFC4648] --
 not base64url-encoded) DER [ITU.X690.1994] PKIX certificate value.
 The PKIX certificate containing the key value MUST be the first
 certificate.  This MAY be followed by additional certificates, with
 each subsequent certificate being the one used to certify the
 previous one.  The key in the first certificate MUST match the public
 key represented by other members of the JWK.  Use of this member is
 OPTIONAL.
 As with the "x5u" member, optional JWK members providing key usage,
 algorithm, or other information MAY also be present when the "x5c"
 member is used.  If other members are present, the contents of those
 members MUST be semantically consistent with the related fields in
 the first certificate.  See the last paragraph of Section 4.6 for
 additional guidance on this.

4.8. "x5t" (X.509 Certificate SHA-1 Thumbprint) Parameter

 The "x5t" (X.509 certificate SHA-1 thumbprint) parameter is a
 base64url-encoded SHA-1 thumbprint (a.k.a. digest) of the DER
 encoding of an X.509 certificate [RFC5280].  Note that certificate
 thumbprints are also sometimes known as certificate fingerprints.
 The key in the certificate MUST match the public key represented by
 other members of the JWK.  Use of this member is OPTIONAL.
 As with the "x5u" member, optional JWK members providing key usage,
 algorithm, or other information MAY also be present when the "x5t"
 member is used.  If other members are present, the contents of those
 members MUST be semantically consistent with the related fields in
 the referenced certificate.  See the last paragraph of Section 4.6
 for additional guidance on this.

Jones Standards Track [Page 9] RFC 7517 JSON Web Key (JWK) May 2015

4.9. "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) Parameter

 The "x5t#S256" (X.509 certificate SHA-256 thumbprint) parameter is a
 base64url-encoded SHA-256 thumbprint (a.k.a. digest) of the DER
 encoding of an X.509 certificate [RFC5280].  Note that certificate
 thumbprints are also sometimes known as certificate fingerprints.
 The key in the certificate MUST match the public key represented by
 other members of the JWK.  Use of this member is OPTIONAL.
 As with the "x5u" member, optional JWK members providing key usage,
 algorithm, or other information MAY also be present when the
 "x5t#S256" member is used.  If other members are present, the
 contents of those members MUST be semantically consistent with the
 related fields in the referenced certificate.  See the last paragraph
 of Section 4.6 for additional guidance on this.

5. JWK Set Format

 A JWK Set is a JSON object that represents a set of JWKs.  The JSON
 object MUST have a "keys" member, with its value being an array of
 JWKs.  This JSON object MAY contain whitespace and/or line breaks.
 The member names within a JWK Set MUST be unique; JWK Set parsers
 MUST either reject JWK Sets with duplicate member names or use a JSON
 parser that returns only the lexically last duplicate member name, as
 specified in Section 15.12 ("The JSON Object") of ECMAScript 5.1
 [ECMAScript].
 Additional members can be present in the JWK Set; if not understood
 by implementations encountering them, they MUST be ignored.
 Parameters for representing additional properties of JWK Sets should
 either be registered in the IANA "JSON Web Key Set Parameters"
 registry established by Section 8.4 or be a value that contains a
 Collision-Resistant Name.
 Implementations SHOULD ignore JWKs within a JWK Set that use "kty"
 (key type) values that are not understood by them, that are missing
 required members, or for which values are out of the supported
 ranges.

5.1. "keys" Parameter

 The value of the "keys" parameter is an array of JWK values.  By
 default, the order of the JWK values within the array does not imply
 an order of preference among them, although applications of JWK Sets
 can choose to assign a meaning to the order for their purposes, if
 desired.

Jones Standards Track [Page 10] RFC 7517 JSON Web Key (JWK) May 2015

6. String Comparison Rules

 The string comparison rules for this specification are the same as
 those defined in Section 5.3 of [JWS].

7. Encrypted JWK and Encrypted JWK Set Formats

 Access to JWKs containing non-public key material by parties without
 legitimate access to the non-public information MUST be prevented.
 This can be accomplished by encrypting the JWK when potentially
 observable by such parties to prevent the disclosure of private or
 symmetric key values.  The use of an Encrypted JWK, which is a JWE
 with the UTF-8 encoding of a JWK as its plaintext value, is
 recommended for this purpose.  The processing of Encrypted JWKs is
 identical to the processing of other JWEs.  A "cty" (content type)
 Header Parameter value of "jwk+json" MUST be used to indicate that
 the content of the JWE is a JWK, unless the application knows that
 the encrypted content is a JWK by another means or convention, in
 which case the "cty" value would typically be omitted.
 JWK Sets containing non-public key material will also need to be
 encrypted under these circumstances.  The use of an Encrypted JWK
 Set, which is a JWE with the UTF-8 encoding of a JWK Set as its
 plaintext value, is recommended for this purpose.  The processing of
 Encrypted JWK Sets is identical to the processing of other JWEs.  A
 "cty" (content type) Header Parameter value of "jwk-set+json" MUST be
 used to indicate that the content of the JWE is a JWK Set, unless the
 application knows that the encrypted content is a JWK Set by another
 means or convention, in which case the "cty" value would typically be
 omitted.
 See Appendix C for an example encrypted JWK.

8. IANA Considerations

 The following registration procedure is used for all the registries
 established by this specification.
 The registration procedure for values is Specification Required
 [RFC5226] after a three-week review period on the
 jose-reg-review@ietf.org mailing list, on the advice of one or more
 Designated Experts.  However, to allow for the allocation of values
 prior to publication, the Designated Experts may approve registration
 once they are satisfied that such a specification will be published.
 Registration requests sent to the mailing list for review should use
 an appropriate subject (e.g., "Request to register JWK parameter:
 example").

Jones Standards Track [Page 11] RFC 7517 JSON Web Key (JWK) May 2015

 Within the review period, the Designated Experts will either approve
 or deny the registration request, communicating this decision to the
 review list and IANA.  Denials should include an explanation and, if
 applicable, suggestions as to how to make the request successful.
 Registration requests that are undetermined for a period longer than
 21 days can be brought to the IESG's attention (using the
 iesg@ietf.org mailing list) for resolution.
 Criteria that should be applied by the Designated Experts include
 determining whether the proposed registration duplicates existing
 functionality, whether it is likely to be of general applicability or
 useful only for a single application, and whether the registration
 description is clear.
 IANA must only accept registry updates from the Designated Experts
 and should direct all requests for registration to the review mailing
 list.
 It is suggested that multiple Designated Experts be appointed who are
 able to represent the perspectives of different applications using
 this specification, in order to enable broadly informed review of
 registration decisions.  In cases where a registration decision could
 be perceived as creating a conflict of interest for a particular
 Expert, that Expert should defer to the judgment of the other
 Experts.

8.1. JSON Web Key Parameters Registry

 This section establishes the IANA "JSON Web Key Parameters" registry
 for JWK parameter names.  The registry records the parameter name,
 the key type(s) that the parameter is used with, and a reference to
 the specification that defines it.  It also records whether the
 parameter conveys public or private information.  This section
 registers the parameter names defined in Section 4.  The same JWK
 parameter name may be registered multiple times, provided that
 duplicate parameter registrations are only for key-type-specific JWK
 parameters; in this case, the meaning of the duplicate parameter name
 is disambiguated by the "kty" value of the JWK containing it.

8.1.1. Registration Template

 Parameter Name:
    The name requested (e.g., "kid").  Because a core goal of this
    specification is for the resulting representations to be compact,
    it is RECOMMENDED that the name be short -- not to exceed 8
    characters without a compelling reason to do so.  This name is
    case sensitive.  Names may not match other registered names in a
    case-insensitive manner unless the Designated Experts state that

Jones Standards Track [Page 12] RFC 7517 JSON Web Key (JWK) May 2015

    there is a compelling reason to allow an exception.  However,
    matching names may be registered, provided that the accompanying
    sets of "kty" values that the parameter name is used with are
    disjoint; for the purposes of matching "kty" values, "*" matches
    all values.
 Parameter Description:
    Brief description of the parameter (e.g., "Key ID").
 Used with "kty" Value(s):
    The key type parameter value(s) that the parameter name is to be
    used with, or the value "*" if the parameter value is used with
    all key types.  Values may not match other registered "kty" values
    in a case-insensitive manner when the registered parameter name is
    the same (including when the parameter name matches in a case-
    insensitive manner) unless the Designated Experts state that there
    is a compelling reason to allow an exception.
 Parameter Information Class:
    Registers whether the parameter conveys public or private
    information.  Its value must be either Public or Private.
 Change Controller:
    For Standards Track RFCs, list the "IESG".  For others, give the
    name of the responsible party.  Other details (e.g., postal
    address, email address, home page URI) may also be included.
 Specification Document(s):
    Reference to the document or documents that specify the parameter,
    preferably including URIs that can be used to retrieve copies of
    the documents.  An indication of the relevant sections may also be
    included but is not required.

8.1.2. Initial Registry Contents

 o  Parameter Name: "kty"
 o  Parameter Description: Key Type
 o  Used with "kty" Value(s): *
 o  Parameter Information Class: Public
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.1 of RFC 7517
 o  Parameter Name: "use"
 o  Parameter Description: Public Key Use
 o  Used with "kty" Value(s): *
 o  Parameter Information Class: Public
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.2 of RFC 7517

Jones Standards Track [Page 13] RFC 7517 JSON Web Key (JWK) May 2015

 o  Parameter Name: "key_ops"
 o  Parameter Description: Key Operations
 o  Used with "kty" Value(s): *
 o  Parameter Information Class: Public
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.3 of RFC 7517
 o  Parameter Name: "alg"
 o  Parameter Description: Algorithm
 o  Used with "kty" Value(s): *
 o  Parameter Information Class: Public
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.4 of RFC 7517
 o  Parameter Name: "kid"
 o  Parameter Description: Key ID
 o  Used with "kty" Value(s): *
 o  Parameter Information Class: Public
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.5 of RFC 7517
 o  Parameter Name: "x5u"
 o  Parameter Description: X.509 URL
 o  Used with "kty" Value(s): *
 o  Parameter Information Class: Public
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.6 of RFC 7517
 o  Parameter Name: "x5c"
 o  Parameter Description: X.509 Certificate Chain
 o  Used with "kty" Value(s): *
 o  Parameter Information Class: Public
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.7 of RFC 7517
 o  Parameter Name: "x5t"
 o  Parameter Description: X.509 Certificate SHA-1 Thumbprint
 o  Used with "kty" Value(s): *
 o  Parameter Information Class: Public
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.8 of RFC 7517
 o  Parameter Name: "x5t#S256"
 o  Parameter Description: X.509 Certificate SHA-256 Thumbprint
 o  Used with "kty" Value(s): *
 o  Parameter Information Class: Public
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.9 of RFC 7517

Jones Standards Track [Page 14] RFC 7517 JSON Web Key (JWK) May 2015

8.2. JSON Web Key Use Registry

 This section establishes the IANA "JSON Web Key Use" registry for JWK
 "use" (public key use) member values.  The registry records the
 public key use value and a reference to the specification that
 defines it.  This section registers the parameter names defined in
 Section 4.2.

8.2.1. Registration Template

 Use Member Value:
    The name requested (e.g., "sig").  Because a core goal of this
    specification is for the resulting representations to be compact,
    it is RECOMMENDED that the name be short -- not to exceed 8
    characters without a compelling reason to do so.  This name is
    case sensitive.  Names may not match other registered names in a
    case-insensitive manner unless the Designated Experts state that
    there is a compelling reason to allow an exception.
 Use Description:
    Brief description of the use (e.g., "Digital Signature or MAC").
 Change Controller:
    For Standards Track RFCs, list the "IESG".  For others, give the
    name of the responsible party.  Other details (e.g., postal
    address, email address, home page URI) may also be included.
 Specification Document(s):
    Reference to the document or documents that specify the parameter,
    preferably including URIs that can be used to retrieve copies of
    the documents.  An indication of the relevant sections may also be
    included but is not required.

8.2.2. Initial Registry Contents

 o  Use Member Value: "sig"
 o  Use Description: Digital Signature or MAC
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.2 of RFC 7517
 o  Use Member Value: "enc"
 o  Use Description: Encryption
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.2 of RFC 7517

Jones Standards Track [Page 15] RFC 7517 JSON Web Key (JWK) May 2015

8.3. JSON Web Key Operations Registry

 This section establishes the IANA "JSON Web Key Operations" registry
 for values of JWK "key_ops" array elements.  The registry records the
 key operation value and a reference to the specification that defines
 it.  This section registers the parameter names defined in
 Section 4.3.

8.3.1. Registration Template

 Key Operation Value:
    The name requested (e.g., "sign").  Because a core goal of this
    specification is for the resulting representations to be compact,
    it is RECOMMENDED that the name be short -- not to exceed 8
    characters without a compelling reason to do so.  This name is
    case sensitive.  Names may not match other registered names in a
    case-insensitive manner unless the Designated Experts state that
    there is a compelling reason to allow an exception.
 Key Operation Description:
    Brief description of the key operation (e.g., "Compute digital
    signature or MAC").
 Change Controller:
    For Standards Track RFCs, list the "IESG".  For others, give the
    name of the responsible party.  Other details (e.g., postal
    address, email address, home page URI) may also be included.
 Specification Document(s):
    Reference to the document or documents that specify the parameter,
    preferably including URIs that can be used to retrieve copies of
    the documents.  An indication of the relevant sections may also be
    included but is not required.

8.3.2. Initial Registry Contents

 o  Key Operation Value: "sign"
 o  Key Operation Description: Compute digital signature or MAC
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.3 of RFC 7517
 o  Key Operation Value: "verify"
 o  Key Operation Description: Verify digital signature or MAC
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.3 of RFC 7517

Jones Standards Track [Page 16] RFC 7517 JSON Web Key (JWK) May 2015

 o  Key Operation Value: "encrypt"
 o  Key Operation Description: Encrypt content
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.3 of RFC 7517
 o  Key Operation Value: "decrypt"
 o  Key Operation Description: Decrypt content and validate
    decryption, if applicable
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.3 of RFC 7517
 o  Key Operation Value: "wrapKey"
 o  Key Operation Description: Encrypt key
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.3 of RFC 7517
 o  Key Operation Value: "unwrapKey"
 o  Key Operation Description: Decrypt key and validate decryption, if
    applicable
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.3 of RFC 7517
 o  Key Operation Value: "deriveKey"
 o  Key Operation Description: Derive key
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.3 of RFC 7517
 o  Key Operation Value: "deriveBits"
 o  Key Operation Description: Derive bits not to be used as a key
 o  Change Controller: IESG
 o  Specification Document(s): Section 4.3 of RFC 7517

8.4. JSON Web Key Set Parameters Registry

 This section establishes the IANA "JSON Web Key Set Parameters"
 registry for JWK Set parameter names.  The registry records the
 parameter name and a reference to the specification that defines it.
 This section registers the parameter names defined in Section 5.

8.4.1. Registration Template

 Parameter Name:
    The name requested (e.g., "keys").  Because a core goal of this
    specification is for the resulting representations to be compact,
    it is RECOMMENDED that the name be short -- not to exceed 8
    characters without a compelling reason to do so.  This name is
    case sensitive.  Names may not match other registered names in a
    case-insensitive manner unless the Designated Experts state that
    there is a compelling reason to allow an exception.

Jones Standards Track [Page 17] RFC 7517 JSON Web Key (JWK) May 2015

 Parameter Description:
    Brief description of the parameter (e.g., "Array of JWK values").
 Change Controller:
    For Standards Track RFCs, list the "IESG".  For others, give the
    name of the responsible party.  Other details (e.g., postal
    address, email address, home page URI) may also be included.
 Specification Document(s):
    Reference to the document or documents that specify the parameter,
    preferably including URIs that can be used to retrieve copies of
    the documents.  An indication of the relevant sections may also be
    included but is not required.

8.4.2. Initial Registry Contents

 o  Parameter Name: "keys"
 o  Parameter Description: Array of JWK Values
 o  Change Controller: IESG
 o  Specification Document(s): Section 5.1 of RFC 7517

8.5. Media Type Registration

8.5.1. Registry Contents

 This section registers the "application/jwk+json" and "application/
 jwk-set+json" media types [RFC2046] in the "Media Types" registry
 [IANA.MediaTypes] in the manner described in RFC 6838 [RFC6838],
 which can be used to indicate that the content is a JWK or a JWK Set,
 respectively.
 o  Type Name: application
 o  Subtype Name: jwk+json
 o  Required Parameters: n/a
 o  Optional Parameters: n/a
 o  Encoding considerations: 8bit; application/jwk+json values are
    represented as a JSON object; UTF-8 encoding SHOULD be employed
    for the JSON object.
 o  Security Considerations: See the Security Considerations section
    of RFC 7517.
 o  Interoperability Considerations: n/a
 o  Published Specification: RFC 7517
 o  Applications that use this media type: OpenID Connect, Salesforce,
    Google, Android, Windows Azure, W3C WebCrypto API, numerous others
 o  Fragment identifier considerations: n/a

Jones Standards Track [Page 18] RFC 7517 JSON Web Key (JWK) May 2015

 o  Additional Information:
       Magic number(s): n/a
       File extension(s): n/a
       Macintosh file type code(s): n/a
 o  Person & email address to contact for further information:
    Michael B.  Jones, mbj@microsoft.com
 o  Intended Usage: COMMON
 o  Restrictions on Usage: none
 o  Author: Michael B.  Jones, mbj@microsoft.com
 o  Change Controller: IESG
 o  Provisional registration?  No
 o  Type Name: application
 o  Subtype Name: jwk-set+json
 o  Required Parameters: n/a
 o  Optional Parameters: n/a
 o  Encoding considerations: 8bit; application/jwk-set+json values are
    represented as a JSON Object; UTF-8 encoding SHOULD be employed
    for the JSON object.
 o  Security Considerations: See the Security Considerations section
    of RFC 7517.
 o  Interoperability Considerations: n/a
 o  Published Specification: RFC 7517
 o  Applications that use this media type: OpenID Connect, Salesforce,
    Google, Android, Windows Azure, W3C WebCrypto API, numerous others
 o  Fragment identifier considerations: n/a
 o  Additional Information:
       Magic number(s): n/a
       File extension(s): n/a
       Macintosh file type code(s): n/a
 o  Person & email address to contact for further information:
    Michael B.  Jones, mbj@microsoft.com
 o  Intended Usage: COMMON
 o  Restrictions on Usage: none
 o  Author: Michael B.  Jones, mbj@microsoft.com
 o  Change Controller: IESG
 o  Provisional registration?  No

9. Security Considerations

 All of the security issues that are pertinent to any cryptographic
 application must be addressed by JWS/JWE/JWK agents.  Among these
 issues are protecting the user's asymmetric private and symmetric
 secret keys and employing countermeasures to various attacks.

Jones Standards Track [Page 19] RFC 7517 JSON Web Key (JWK) May 2015

9.1. Key Provenance and Trust

 One should place no more trust in the data cryptographically secured
 by a key than in the method by which it was obtained and in the
 trustworthiness of the entity asserting an association with the key.
 Any data associated with a key that is obtained in an untrusted
 manner should be treated with skepticism.  See Section 10.3 of [JWS]
 for security considerations on key origin authentication.
 In almost all cases, applications make decisions about whether to
 trust a key based on attributes bound to the key, such as names,
 roles, and the key origin, rather than based on the key itself.  When
 an application is deciding whether to trust a key, there are several
 ways that it can bind attributes to a JWK.  Two example mechanisms
 are PKIX [RFC5280] and JSON Web Token (JWT) [JWT].
 For instance, the creator of a JWK can include a PKIX certificate in
 the JWK's "x5c" member.  If the application validates the certificate
 and verifies that the JWK corresponds to the subject public key in
 the certificate, then the JWK can be associated with the attributes
 in the certificate, such as the subject name, subject alternative
 names, extended key usages, and its signature chain.
 As another example, a JWT can be used to associate attributes with a
 JWK by referencing the JWK as a claim in the JWT.  The JWK can be
 included directly as a claim value or the JWT can include a TLS-
 secured URI from which to retrieve the JWK value.  Either way, an
 application that gets a JWK via a JWT claim can associate it with the
 JWT's cryptographic properties and use these and possibly additional
 claims in deciding whether to trust the key.
 The security considerations in Section 12.3 of XML DSIG 2.0
 [W3C.NOTE-xmldsig-core2-20130411] about the strength of a digital
 signature depending upon all the links in the security chain also
 apply to this specification.
 The TLS Requirements in Section 8 of [JWS] also apply to this
 specification, except that the "x5u" JWK member is the only feature
 defined by this specification using TLS.

9.2. Preventing Disclosure of Non-public Key Information

 Private and symmetric keys MUST be protected from disclosure to
 unintended parties.  One recommended means of doing so is to encrypt
 JWKs or JWK Sets containing them by using the JWK or JWK Set value as
 the plaintext of a JWE.  Of course, this requires that there be a

Jones Standards Track [Page 20] RFC 7517 JSON Web Key (JWK) May 2015

 secure way to obtain the key used to encrypt the non-public key
 information to the intended party and a secure way for that party to
 obtain the corresponding decryption key.
 The security considerations in RFC 3447 [RFC3447] and RFC 6030
 [RFC6030] about protecting private and symmetric keys, key usage, and
 information leakage also apply to this specification.

9.3. RSA Private Key Representations and Blinding

 The RSA Key blinding operation [Kocher], which is a defense against
 some timing attacks, requires all of the RSA key values "n", "e", and
 "d".  However, some RSA private key representations do not include
 the public exponent "e", but only include the modulus "n" and the
 private exponent "d".  This is true, for instance, of the Java
 RSAPrivateKeySpec API, which does not include the public exponent "e"
 as a parameter.  So as to enable RSA key blinding, such
 representations should be avoided.  For Java, the
 RSAPrivateCrtKeySpec API can be used instead.  Section 8.2.2(i) of
 the "Handbook of Applied Cryptography" [HAC] discusses how to compute
 the remaining RSA private key parameters, if needed, using only "n",
 "e", and "d".

9.4. Key Entropy and Random Values

 See Section 10.1 of [JWS] for security considerations on key entropy
 and random values.

10. References

10.1. Normative References

 [ECMAScript]
            Ecma International, "ECMAScript Language Specification,
            5.1 Edition", ECMA Standard 262, June 2011,
            <http://www.ecma-international.org/ecma-262/5.1/
            ECMA-262.pdf>.
 [IANA.MediaTypes]
            Internet Assigned Numbers Authority (IANA), "Media Types",
            <http://www.iana.org/assignments/media-types>.
 [ITU.X690.1994]
            International Telecommunications Union, "Information
            Technology - ASN.1 encoding rules: Specification of Basic
            Encoding Rules (BER), Canonical Encoding Rules (CER) and
            Distinguished Encoding Rules (DER)", ITU-T Recommendation
            X.690, 1994.

Jones Standards Track [Page 21] RFC 7517 JSON Web Key (JWK) May 2015

 [JWA]      Jones, M., "JSON Web Algorithms (JWA)", RFC 7518,
            DOI 10.17487/RFC7518, May 2015,
            <http://www.rfc-editor.org/info/rfc7518>.
 [JWE]      Jones, M. and J. Hildebrand, "JSON Web Encryption (JWE)",
            RFC 7516, DOI 10.17487/RFC7516, May 2015,
            <http://www.rfc-editor.org/info/rfc7516>.
 [JWS]      Jones, M., Bradley, J., and N. Sakimura, "JSON Web
            Signature (JWS)", RFC 7515, DOI 10.17487/RFC7515, May
            2015, <http://www.rfc-editor.org/info/rfc7515>.
 [RFC20]    Cerf, V., "ASCII format for Network Interchange", STD 80,
            RFC 20, DOI 10.17487/RFC0020, October 1969,
            <http://www.rfc-editor.org/info/rfc20>.
 [RFC2046]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
            Extensions (MIME) Part Two: Media Types", RFC 2046,
            DOI 10.17487/RFC2046, November 1996,
            <http://www.rfc-editor.org/info/rfc2046>.
 [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
            Requirement Levels", BCP 14, RFC 2119,
            DOI 10.17487/RFC2119, March 1997,
            <http://www.rfc-editor.org/info/rfc2119>.
 [RFC2818]  Rescorla, E., "HTTP Over TLS", RFC 2818,
            DOI 10.17487/RFC2818, May 2000,
            <http://www.rfc-editor.org/info/rfc2818>.
 [RFC3629]  Yergeau, F., "UTF-8, a transformation format of ISO
            10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November
            2003, <http://www.rfc-editor.org/info/rfc3629>.
 [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
            Resource Identifier (URI): Generic Syntax", STD 66,
            RFC 3986, DOI 10.17487/RFC3986, January 2005,
            <http://www.rfc-editor.org/info/rfc3986>.
 [RFC4648]  Josefsson, S., "The Base16, Base32, and Base64 Data
            Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006,
            <http://www.rfc-editor.org/info/rfc4648>.
 [RFC4945]  Korver, B., "The Internet IP Security PKI Profile of
            IKEv1/ISAKMP, IKEv2, and PKIX", RFC 4945,
            DOI 10.17487/RFC4945, August 2007,
            <http://www.rfc-editor.org/info/rfc4945>.

Jones Standards Track [Page 22] RFC 7517 JSON Web Key (JWK) May 2015

 [RFC4949]  Shirey, R., "Internet Security Glossary, Version 2",
            FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007,
            <http://www.rfc-editor.org/info/rfc4949>.
 [RFC5246]  Dierks, T. and E. Rescorla, "The Transport Layer Security
            (TLS) Protocol Version 1.2", RFC 5246,
            DOI 10.17487/RFC5246, August 2008,
            <http://www.rfc-editor.org/info/rfc5246>.
 [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
            Housley, R., and W. Polk, "Internet X.509 Public Key
            Infrastructure Certificate and Certificate Revocation List
            (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
            <http://www.rfc-editor.org/info/rfc5280>.
 [RFC6125]  Saint-Andre, P. and J. Hodges, "Representation and
            Verification of Domain-Based Application Service Identity
            within Internet Public Key Infrastructure Using X.509
            (PKIX) Certificates in the Context of Transport Layer
            Security (TLS)", RFC 6125, DOI 10.17487/RFC6125, March
            2011, <http://www.rfc-editor.org/info/rfc6125>.
 [RFC7159]  Bray, T., Ed., "The JavaScript Object Notation (JSON) Data
            Interchange Format", RFC 7159, DOI 10.17487/RFC7159, March
            2014, <http://www.rfc-editor.org/info/rfc7159>.
 [UNICODE]  The Unicode Consortium, "The Unicode Standard",
            <http://www.unicode.org/versions/latest/>.

10.2. Informative References

 [DSS]      National Institute of Standards and Technology (NIST),
            "Digital Signature Standard (DSS)", FIPS PUB 186-4, July
            2013, <http://nvlpubs.nist.gov/nistpubs/FIPS/
            NIST.FIPS.186-4.pdf>.
 [HAC]      Menezes, A., van Oorschot, P., and S. Vanstone, "Handbook
            of Applied Cryptography", CRC Press, October 1996,
            <http://cacr.uwaterloo.ca/hac/>.
 [JWT]      Jones, M., Bradley, J., and N. Sakimura, "JSON Web Token
            (JWT)", RFC 7519, DOI 10.17487/RFC7519, May 2015,
            <http://www.rfc-editor.org/info/rfc7519>.

Jones Standards Track [Page 23] RFC 7517 JSON Web Key (JWK) May 2015

 [Kocher]   Kocher, P., "Timing Attacks on Implementations of
            Diffe-Hellman, RSA, DSS, and Other Systems", In
            Proceedings of the 16th Annual International Cryptology
            Conference Advances in Cryptology, Springer-Verlag, pp.
            104-113, 1996.
 [MagicSignatures]
            Panzer, J., Ed., Laurie, B., and D. Balfanz, "Magic
            Signatures", January 2011,
            <http://salmon-protocol.googlecode.com/svn/trunk/
            draft-panzer-magicsig-01.html>.
 [RFC3447]  Jonsson, J. and B. Kaliski, "Public-Key Cryptography
            Standards (PKCS) #1: RSA Cryptography Specifications
            Version 2.1", RFC 3447, DOI 10.17487/RFC3447, February
            2003, <http://www.rfc-editor.org/info/rfc3447>.
 [RFC5226]  Narten, T. and H. Alvestrand, "Guidelines for Writing an
            IANA Considerations Section in RFCs", BCP 26, RFC 5226,
            DOI 10.17487/RFC5226, May 2008,
            <http://www.rfc-editor.org/info/rfc5226>.
 [RFC6030]  Hoyer, P., Pei, M., and S. Machani, "Portable Symmetric
            Key Container (PSKC)", RFC 6030, DOI 10.17487/RFC6030,
            October 2010, <http://www.rfc-editor.org/info/rfc6030>.
 [RFC6838]  Freed, N., Klensin, J., and T. Hansen, "Media Type
            Specifications and Registration Procedures", BCP 13,
            RFC 6838, DOI 10.17487/RFC6838, January 2013,
            <http://www.rfc-editor.org/info/rfc6838>.
 [W3C.CR-WebCryptoAPI-20141211]
            Sleevi, R. and M. Watson, "Web Cryptography API", World
            Wide Web Consortium Candidate Recommendation
            CR-WebCryptoAPI-20141211, December 2014,
            <http://www.w3.org/TR/2014/CR-WebCryptoAPI-20141211/>.
 [W3C.NOTE-xmldsig-core2-20130411]
            Eastlake, D., Reagle, J., Solo, D., Hirsch, F., Roessler,
            T., Yiu, K., Datta, P., and S. Cantor, "XML Signature
            Syntax and Processing Version 2.0", World Wide Web
            Consortium Note NOTE-xmldsig-core2-20130411, April 2013,
            <http://www.w3.org/TR/2013/NOTE-xmldsig-core2-20130411/>.

Jones Standards Track [Page 24] RFC 7517 JSON Web Key (JWK) May 2015

Appendix A. Example JSON Web Key Sets

A.1. Example Public Keys

 The following example JWK Set contains two public keys represented as
 JWKs: one using an Elliptic Curve algorithm and a second one using an
 RSA algorithm.  The first specifies that the key is to be used for
 encryption.  The second specifies that the key is to be used with the
 "RS256" algorithm.  Both provide a key ID for key matching purposes.
 In both cases, integers are represented using the base64url encoding
 of their big-endian representations.  (Line breaks within values are
 for display purposes only.)
   {"keys":
     [
       {"kty":"EC",
        "crv":"P-256",
        "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
        "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
        "use":"enc",
        "kid":"1"},
       {"kty":"RSA",
        "n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx
   4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMs
   tn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2
   QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbI
   SD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqb
   w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw",
        "e":"AQAB",
        "alg":"RS256",
        "kid":"2011-04-29"}
     ]
   }

A.2. Example Private Keys

 The following example JWK Set contains two keys represented as JWKs
 containing both public and private key values: one using an Elliptic
 Curve algorithm and a second one using an RSA algorithm.  This
 example extends the example in the previous section, adding private
 key values.  (Line breaks within values are for display purposes
 only.)

Jones Standards Track [Page 25] RFC 7517 JSON Web Key (JWK) May 2015

   {"keys":
     [
       {"kty":"EC",
        "crv":"P-256",
        "x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
        "y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
        "d":"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE",
        "use":"enc",
        "kid":"1"},
       {"kty":"RSA",
        "n":"0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx4
   cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMst
   n64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2Q
   vzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbIS
   D08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqbw
   0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw",
        "e":"AQAB",
        "d":"X4cTteJY_gn4FYPsXB8rdXix5vwsg1FLN5E3EaG6RJoVH-HLLKD9
   M7dx5oo7GURknchnrRweUkC7hT5fJLM0WbFAKNLWY2vv7B6NqXSzUvxT0_YSfqij
   wp3RTzlBaCxWp4doFk5N2o8Gy_nHNKroADIkJ46pRUohsXywbReAdYaMwFs9tv8d
   _cPVY3i07a3t8MN6TNwm0dSawm9v47UiCl3Sk5ZiG7xojPLu4sbg1U2jx4IBTNBz
   nbJSzFHK66jT8bgkuqsk0GjskDJk19Z4qwjwbsnn4j2WBii3RL-Us2lGVkY8fkFz
   me1z0HbIkfz0Y6mqnOYtqc0X4jfcKoAC8Q",
        "p":"83i-7IvMGXoMXCskv73TKr8637FiO7Z27zv8oj6pbWUQyLPQBQxtPV
   nwD20R-60eTDmD2ujnMt5PoqMrm8RfmNhVWDtjjMmCMjOpSXicFHj7XOuVIYQyqV
   WlWEh6dN36GVZYk93N8Bc9vY41xy8B9RzzOGVQzXvNEvn7O0nVbfs",
        "q":"3dfOR9cuYq-0S-mkFLzgItgMEfFzB2q3hWehMuG0oCuqnb3vobLyum
   qjVZQO1dIrdwgTnCdpYzBcOfW5r370AFXjiWft_NGEiovonizhKpo9VVS78TzFgx
   kIdrecRezsZ-1kYd_s1qDbxtkDEgfAITAG9LUnADun4vIcb6yelxk",
        "dp":"G4sPXkc6Ya9y8oJW9_ILj4xuppu0lzi_H7VTkS8xj5SdX3coE0oim
   YwxIi2emTAue0UOa5dpgFGyBJ4c8tQ2VF402XRugKDTP8akYhFo5tAA77Qe_Nmtu
   YZc3C3m3I24G2GvR5sSDxUyAN2zq8Lfn9EUms6rY3Ob8YeiKkTiBj0",
        "dq":"s9lAH9fggBsoFR8Oac2R_E2gw282rT2kGOAhvIllETE1efrA6huUU
   vMfBcMpn8lqeW6vzznYY5SSQF7pMdC_agI3nG8Ibp1BUb0JUiraRNqUfLhcQb_d9
   GF4Dh7e74WbRsobRonujTYN1xCaP6TO61jvWrX-L18txXw494Q_cgk",
        "qi":"GyM_p6JrXySiz1toFgKbWV-JdI3jQ4ypu9rbMWx3rQJBfmt0FoYzg
   UIZEVFEcOqwemRN81zoDAaa-Bk0KWNGDjJHZDdDmFhW3AN7lI-puxk_mHZGJ11rx
   yR8O55XLSe3SPmRfKwZI6yU24ZxvQKFYItdldUKGzO6Ia6zTKhAVRU",
        "alg":"RS256",
        "kid":"2011-04-29"}
     ]
   }

Jones Standards Track [Page 26] RFC 7517 JSON Web Key (JWK) May 2015

A.3. Example Symmetric Keys

 The following example JWK Set contains two symmetric keys represented
 as JWKs: one designated as being for use with the AES Key Wrap
 algorithm and a second one that is an HMAC key.  (Line breaks within
 values are for display purposes only.)
   {"keys":
     [
       {"kty":"oct",
        "alg":"A128KW",
        "k":"GawgguFyGrWKav7AX4VKUg"},
       {"kty":"oct",
        "k":"AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75
   aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow",
        "kid":"HMAC key used in JWS spec Appendix A.1 example"}
     ]
   }

Jones Standards Track [Page 27] RFC 7517 JSON Web Key (JWK) May 2015

Appendix B. Example Use of "x5c" (X.509 Certificate Chain) Parameter

 The following is an example of a JWK with a RSA signing key
 represented both as an RSA public key and as an X.509 certificate
 using the "x5c" parameter (with line breaks within values for display
 purposes only):
   {"kty":"RSA",
    "use":"sig",
    "kid":"1b94c",
    "n":"vrjOfz9Ccdgx5nQudyhdoR17V-IubWMeOZCwX_jj0hgAsz2J_pqYW08
    PLbK_PdiVGKPrqzmDIsLI7sA25VEnHU1uCLNwBuUiCO11_-7dYbsr4iJmG0Q
    u2j8DsVyT1azpJC_NG84Ty5KKthuCaPod7iI7w0LK9orSMhBEwwZDCxTWq4a
    YWAchc8t-emd9qOvWtVMDC2BXksRngh6X5bUYLy6AyHKvj-nUy1wgzjYQDwH
    MTplCoLtU-o-8SNnZ1tmRoGE9uJkBLdh5gFENabWnU5m1ZqZPdwS-qo-meMv
    VfJb6jJVWRpl2SUtCnYG2C32qvbWbjZ_jBPD5eunqsIo1vQ",
    "e":"AQAB",
    "x5c":
     ["MIIDQjCCAiqgAwIBAgIGATz/FuLiMA0GCSqGSIb3DQEBBQUAMGIxCzAJB
     gNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMRwwGgYD
     VQQKExNQaW5nIElkZW50aXR5IENvcnAuMRcwFQYDVQQDEw5CcmlhbiBDYW1
     wYmVsbDAeFw0xMzAyMjEyMzI5MTVaFw0xODA4MTQyMjI5MTVaMGIxCzAJBg
     NVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMRwwGgYDV
     QQKExNQaW5nIElkZW50aXR5IENvcnAuMRcwFQYDVQQDEw5CcmlhbiBDYW1w
     YmVsbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL64zn8/QnH
     YMeZ0LncoXaEde1fiLm1jHjmQsF/449IYALM9if6amFtPDy2yvz3YlRij66
     s5gyLCyO7ANuVRJx1NbgizcAblIgjtdf/u3WG7K+IiZhtELto/A7Fck9Ws6
     SQvzRvOE8uSirYbgmj6He4iO8NCyvaK0jIQRMMGQwsU1quGmFgHIXPLfnpn
     fajr1rVTAwtgV5LEZ4Iel+W1GC8ugMhyr4/p1MtcIM42EA8BzE6ZQqC7VPq
     PvEjZ2dbZkaBhPbiZAS3YeYBRDWm1p1OZtWamT3cEvqqPpnjL1XyW+oyVVk
     aZdklLQp2Btgt9qr21m42f4wTw+Xrp6rCKNb0CAwEAATANBgkqhkiG9w0BA
     QUFAAOCAQEAh8zGlfSlcI0o3rYDPBB07aXNswb4ECNIKG0CETTUxmXl9KUL
     +9gGlqCz5iWLOgWsnrcKcY0vXPG9J1r9AqBNTqNgHq2G03X09266X5CpOe1
     zFo+Owb1zxtp3PehFdfQJ610CDLEaS9V9Rqp17hCyybEpOGVwe8fnk+fbEL
     2Bo3UPGrpsHzUoaGpDftmWssZkhpBJKVMJyf/RuP2SmmaIzmnw9JiSlYhzo
     4tpzd5rFXhjRbg4zW9C+2qok+2+qDM1iJ684gPHMIY8aLWrdgQTxkumGmTq
     gawR+N5MDtdPTEQ0XfIBc2cJEUyMTY5MPvACWpkA6SdS4xSvdXK3IVfOWA=="]
   }

Appendix C. Example Encrypted RSA Private Key

 This example encrypts an RSA private key to the recipient using
 "PBES2-HS256+A128KW" for key encryption and "A128CBC+HS256" for
 content encryption.
 NOTE: Unless otherwise indicated, all line breaks are included solely
 for readability.

Jones Standards Track [Page 28] RFC 7517 JSON Web Key (JWK) May 2015

C.1. Plaintext RSA Private Key

 The following RSA key is the plaintext for the authenticated
 encryption operation, formatted as a JWK (with line breaks within
 values for display purposes only):
   {
    "kty":"RSA",
    "kid":"juliet@capulet.lit",
    "use":"enc",
    "n":"t6Q8PWSi1dkJj9hTP8hNYFlvadM7DflW9mWepOJhJ66w7nyoK1gPNqFMSQRy
         O125Gp-TEkodhWr0iujjHVx7BcV0llS4w5ACGgPrcAd6ZcSR0-Iqom-QFcNP
         8Sjg086MwoqQU_LYywlAGZ21WSdS_PERyGFiNnj3QQlO8Yns5jCtLCRwLHL0
         Pb1fEv45AuRIuUfVcPySBWYnDyGxvjYGDSM-AqWS9zIQ2ZilgT-GqUmipg0X
         OC0Cc20rgLe2ymLHjpHciCKVAbY5-L32-lSeZO-Os6U15_aXrk9Gw8cPUaX1
         _I8sLGuSiVdt3C_Fn2PZ3Z8i744FPFGGcG1qs2Wz-Q",
    "e":"AQAB",
    "d":"GRtbIQmhOZtyszfgKdg4u_N-R_mZGU_9k7JQ_jn1DnfTuMdSNprTeaSTyWfS
         NkuaAwnOEbIQVy1IQbWVV25NY3ybc_IhUJtfri7bAXYEReWaCl3hdlPKXy9U
         vqPYGR0kIXTQRqns-dVJ7jahlI7LyckrpTmrM8dWBo4_PMaenNnPiQgO0xnu
         ToxutRZJfJvG4Ox4ka3GORQd9CsCZ2vsUDmsXOfUENOyMqADC6p1M3h33tsu
         rY15k9qMSpG9OX_IJAXmxzAh_tWiZOwk2K4yxH9tS3Lq1yX8C1EWmeRDkK2a
         hecG85-oLKQt5VEpWHKmjOi_gJSdSgqcN96X52esAQ",
    "p":"2rnSOV4hKSN8sS4CgcQHFbs08XboFDqKum3sc4h3GRxrTmQdl1ZK9uw-PIHf
         QP0FkxXVrx-WE-ZEbrqivH_2iCLUS7wAl6XvARt1KkIaUxPPSYB9yk31s0Q8
         UK96E3_OrADAYtAJs-M3JxCLfNgqh56HDnETTQhH3rCT5T3yJws",
    "q":"1u_RiFDP7LBYh3N4GXLT9OpSKYP0uQZyiaZwBtOCBNJgQxaj10RWjsZu0c6I
         edis4S7B_coSKB0Kj9PaPaBzg-IySRvvcQuPamQu66riMhjVtG6TlV8CLCYK
         rYl52ziqK0E_ym2QnkwsUX7eYTB7LbAHRK9GqocDE5B0f808I4s",
    "dp":"KkMTWqBUefVwZ2_Dbj1pPQqyHSHjj90L5x_MOzqYAJMcLMZtbUtwKqvVDq3
         tbEo3ZIcohbDtt6SbfmWzggabpQxNxuBpoOOf_a_HgMXK_lhqigI4y_kqS1w
         Y52IwjUn5rgRrJ-yYo1h41KR-vz2pYhEAeYrhttWtxVqLCRViD6c",
    "dq":"AvfS0-gRxvn0bwJoMSnFxYcK1WnuEjQFluMGfwGitQBWtfZ1Er7t1xDkbN9
         GQTB9yqpDoYaN06H7CFtrkxhJIBQaj6nkF5KKS3TQtQ5qCzkOkmxIe3KRbBy
         mXxkb5qwUpX5ELD5xFc6FeiafWYY63TmmEAu_lRFCOJ3xDea-ots",
    "qi":"lSQi-w9CpyUReMErP1RsBLk7wNtOvs5EQpPqmuMvqW57NBUczScEoPwmUqq
         abu9V0-Py4dQ57_bapoKRu1R90bvuFnU63SHWEFglZQvJDMeAvmj4sm-Fp0o
         Yu_neotgQ0hzbI5gry7ajdYy9-2lNx_76aBZoOUu9HCJ-UsfSOI8"
   }
 The octets representing the plaintext used in this example (using
 JSON array notation) are:
 [123, 34, 107, 116, 121, 34, 58, 34, 82, 83, 65, 34, 44, 34, 107,
 105, 100, 34, 58, 34, 106, 117, 108, 105, 101, 116, 64, 99, 97, 112,
 117, 108, 101, 116, 46, 108, 105, 116, 34, 44, 34, 117, 115, 101, 34,
 58, 34, 101, 110, 99, 34, 44, 34, 110, 34, 58, 34, 116, 54, 81, 56,
 80, 87, 83, 105, 49, 100, 107, 74, 106, 57, 104, 84, 80, 56, 104, 78,

Jones Standards Track [Page 29] RFC 7517 JSON Web Key (JWK) May 2015

 89, 70, 108, 118, 97, 100, 77, 55, 68, 102, 108, 87, 57, 109, 87,
 101, 112, 79, 74, 104, 74, 54, 54, 119, 55, 110, 121, 111, 75, 49,
 103, 80, 78, 113, 70, 77, 83, 81, 82, 121, 79, 49, 50, 53, 71, 112,
 45, 84, 69, 107, 111, 100, 104, 87, 114, 48, 105, 117, 106, 106, 72,
 86, 120, 55, 66, 99, 86, 48, 108, 108, 83, 52, 119, 53, 65, 67, 71,
 103, 80, 114, 99, 65, 100, 54, 90, 99, 83, 82, 48, 45, 73, 113, 111,
 109, 45, 81, 70, 99, 78, 80, 56, 83, 106, 103, 48, 56, 54, 77, 119,
 111, 113, 81, 85, 95, 76, 89, 121, 119, 108, 65, 71, 90, 50, 49, 87,
 83, 100, 83, 95, 80, 69, 82, 121, 71, 70, 105, 78, 110, 106, 51, 81,
 81, 108, 79, 56, 89, 110, 115, 53, 106, 67, 116, 76, 67, 82, 119, 76,
 72, 76, 48, 80, 98, 49, 102, 69, 118, 52, 53, 65, 117, 82, 73, 117,
 85, 102, 86, 99, 80, 121, 83, 66, 87, 89, 110, 68, 121, 71, 120, 118,
 106, 89, 71, 68, 83, 77, 45, 65, 113, 87, 83, 57, 122, 73, 81, 50,
 90, 105, 108, 103, 84, 45, 71, 113, 85, 109, 105, 112, 103, 48, 88,
 79, 67, 48, 67, 99, 50, 48, 114, 103, 76, 101, 50, 121, 109, 76, 72,
 106, 112, 72, 99, 105, 67, 75, 86, 65, 98, 89, 53, 45, 76, 51, 50,
 45, 108, 83, 101, 90, 79, 45, 79, 115, 54, 85, 49, 53, 95, 97, 88,
 114, 107, 57, 71, 119, 56, 99, 80, 85, 97, 88, 49, 95, 73, 56, 115,
 76, 71, 117, 83, 105, 86, 100, 116, 51, 67, 95, 70, 110, 50, 80, 90,
 51, 90, 56, 105, 55, 52, 52, 70, 80, 70, 71, 71, 99, 71, 49, 113,
 115, 50, 87, 122, 45, 81, 34, 44, 34, 101, 34, 58, 34, 65, 81, 65,
 66, 34, 44, 34, 100, 34, 58, 34, 71, 82, 116, 98, 73, 81, 109, 104,
 79, 90, 116, 121, 115, 122, 102, 103, 75, 100, 103, 52, 117, 95, 78,
 45, 82, 95, 109, 90, 71, 85, 95, 57, 107, 55, 74, 81, 95, 106, 110,
 49, 68, 110, 102, 84, 117, 77, 100, 83, 78, 112, 114, 84, 101, 97,
 83, 84, 121, 87, 102, 83, 78, 107, 117, 97, 65, 119, 110, 79, 69, 98,
 73, 81, 86, 121, 49, 73, 81, 98, 87, 86, 86, 50, 53, 78, 89, 51, 121,
 98, 99, 95, 73, 104, 85, 74, 116, 102, 114, 105, 55, 98, 65, 88, 89,
 69, 82, 101, 87, 97, 67, 108, 51, 104, 100, 108, 80, 75, 88, 121, 57,
 85, 118, 113, 80, 89, 71, 82, 48, 107, 73, 88, 84, 81, 82, 113, 110,
 115, 45, 100, 86, 74, 55, 106, 97, 104, 108, 73, 55, 76, 121, 99,
 107, 114, 112, 84, 109, 114, 77, 56, 100, 87, 66, 111, 52, 95, 80,
 77, 97, 101, 110, 78, 110, 80, 105, 81, 103, 79, 48, 120, 110, 117,
 84, 111, 120, 117, 116, 82, 90, 74, 102, 74, 118, 71, 52, 79, 120,
 52, 107, 97, 51, 71, 79, 82, 81, 100, 57, 67, 115, 67, 90, 50, 118,
 115, 85, 68, 109, 115, 88, 79, 102, 85, 69, 78, 79, 121, 77, 113, 65,
 68, 67, 54, 112, 49, 77, 51, 104, 51, 51, 116, 115, 117, 114, 89, 49,
 53, 107, 57, 113, 77, 83, 112, 71, 57, 79, 88, 95, 73, 74, 65, 88,
 109, 120, 122, 65, 104, 95, 116, 87, 105, 90, 79, 119, 107, 50, 75,
 52, 121, 120, 72, 57, 116, 83, 51, 76, 113, 49, 121, 88, 56, 67, 49,
 69, 87, 109, 101, 82, 68, 107, 75, 50, 97, 104, 101, 99, 71, 56, 53,
 45, 111, 76, 75, 81, 116, 53, 86, 69, 112, 87, 72, 75, 109, 106, 79,
 105, 95, 103, 74, 83, 100, 83, 103, 113, 99, 78, 57, 54, 88, 53, 50,
 101, 115, 65, 81, 34, 44, 34, 112, 34, 58, 34, 50, 114, 110, 83, 79,
 86, 52, 104, 75, 83, 78, 56, 115, 83, 52, 67, 103, 99, 81, 72, 70,
 98, 115, 48, 56, 88, 98, 111, 70, 68, 113, 75, 117, 109, 51, 115, 99,
 52, 104, 51, 71, 82, 120, 114, 84, 109, 81, 100, 108, 49, 90, 75, 57,
 117, 119, 45, 80, 73, 72, 102, 81, 80, 48, 70, 107, 120, 88, 86, 114,

Jones Standards Track [Page 30] RFC 7517 JSON Web Key (JWK) May 2015

 120, 45, 87, 69, 45, 90, 69, 98, 114, 113, 105, 118, 72, 95, 50, 105,
 67, 76, 85, 83, 55, 119, 65, 108, 54, 88, 118, 65, 82, 116, 49, 75,
 107, 73, 97, 85, 120, 80, 80, 83, 89, 66, 57, 121, 107, 51, 49, 115,
 48, 81, 56, 85, 75, 57, 54, 69, 51, 95, 79, 114, 65, 68, 65, 89, 116,
 65, 74, 115, 45, 77, 51, 74, 120, 67, 76, 102, 78, 103, 113, 104, 53,
 54, 72, 68, 110, 69, 84, 84, 81, 104, 72, 51, 114, 67, 84, 53, 84,
 51, 121, 74, 119, 115, 34, 44, 34, 113, 34, 58, 34, 49, 117, 95, 82,
 105, 70, 68, 80, 55, 76, 66, 89, 104, 51, 78, 52, 71, 88, 76, 84, 57,
 79, 112, 83, 75, 89, 80, 48, 117, 81, 90, 121, 105, 97, 90, 119, 66,
 116, 79, 67, 66, 78, 74, 103, 81, 120, 97, 106, 49, 48, 82, 87, 106,
 115, 90, 117, 48, 99, 54, 73, 101, 100, 105, 115, 52, 83, 55, 66, 95,
 99, 111, 83, 75, 66, 48, 75, 106, 57, 80, 97, 80, 97, 66, 122, 103,
 45, 73, 121, 83, 82, 118, 118, 99, 81, 117, 80, 97, 109, 81, 117, 54,
 54, 114, 105, 77, 104, 106, 86, 116, 71, 54, 84, 108, 86, 56, 67, 76,
 67, 89, 75, 114, 89, 108, 53, 50, 122, 105, 113, 75, 48, 69, 95, 121,
 109, 50, 81, 110, 107, 119, 115, 85, 88, 55, 101, 89, 84, 66, 55, 76,
 98, 65, 72, 82, 75, 57, 71, 113, 111, 99, 68, 69, 53, 66, 48, 102,
 56, 48, 56, 73, 52, 115, 34, 44, 34, 100, 112, 34, 58, 34, 75, 107,
 77, 84, 87, 113, 66, 85, 101, 102, 86, 119, 90, 50, 95, 68, 98, 106,
 49, 112, 80, 81, 113, 121, 72, 83, 72, 106, 106, 57, 48, 76, 53, 120,
 95, 77, 79, 122, 113, 89, 65, 74, 77, 99, 76, 77, 90, 116, 98, 85,
 116, 119, 75, 113, 118, 86, 68, 113, 51, 116, 98, 69, 111, 51, 90,
 73, 99, 111, 104, 98, 68, 116, 116, 54, 83, 98, 102, 109, 87, 122,
 103, 103, 97, 98, 112, 81, 120, 78, 120, 117, 66, 112, 111, 79, 79,
 102, 95, 97, 95, 72, 103, 77, 88, 75, 95, 108, 104, 113, 105, 103,
 73, 52, 121, 95, 107, 113, 83, 49, 119, 89, 53, 50, 73, 119, 106, 85,
 110, 53, 114, 103, 82, 114, 74, 45, 121, 89, 111, 49, 104, 52, 49,
 75, 82, 45, 118, 122, 50, 112, 89, 104, 69, 65, 101, 89, 114, 104,
 116, 116, 87, 116, 120, 86, 113, 76, 67, 82, 86, 105, 68, 54, 99, 34,
 44, 34, 100, 113, 34, 58, 34, 65, 118, 102, 83, 48, 45, 103, 82, 120,
 118, 110, 48, 98, 119, 74, 111, 77, 83, 110, 70, 120, 89, 99, 75, 49,
 87, 110, 117, 69, 106, 81, 70, 108, 117, 77, 71, 102, 119, 71, 105,
 116, 81, 66, 87, 116, 102, 90, 49, 69, 114, 55, 116, 49, 120, 68,
 107, 98, 78, 57, 71, 81, 84, 66, 57, 121, 113, 112, 68, 111, 89, 97,
 78, 48, 54, 72, 55, 67, 70, 116, 114, 107, 120, 104, 74, 73, 66, 81,
 97, 106, 54, 110, 107, 70, 53, 75, 75, 83, 51, 84, 81, 116, 81, 53,
 113, 67, 122, 107, 79, 107, 109, 120, 73, 101, 51, 75, 82, 98, 66,
 121, 109, 88, 120, 107, 98, 53, 113, 119, 85, 112, 88, 53, 69, 76,
 68, 53, 120, 70, 99, 54, 70, 101, 105, 97, 102, 87, 89, 89, 54, 51,
 84, 109, 109, 69, 65, 117, 95, 108, 82, 70, 67, 79, 74, 51, 120, 68,
 101, 97, 45, 111, 116, 115, 34, 44, 34, 113, 105, 34, 58, 34, 108,
 83, 81, 105, 45, 119, 57, 67, 112, 121, 85, 82, 101, 77, 69, 114, 80,
 49, 82, 115, 66, 76, 107, 55, 119, 78, 116, 79, 118, 115, 53, 69, 81,
 112, 80, 113, 109, 117, 77, 118, 113, 87, 53, 55, 78, 66, 85, 99,
 122, 83, 99, 69, 111, 80, 119, 109, 85, 113, 113, 97, 98, 117, 57,
 86, 48, 45, 80, 121, 52, 100, 81, 53, 55, 95, 98, 97, 112, 111, 75,
 82, 117, 49, 82, 57, 48, 98, 118, 117, 70, 110, 85, 54, 51, 83, 72,
 87, 69, 70, 103, 108, 90, 81, 118, 74, 68, 77, 101, 65, 118, 109,

Jones Standards Track [Page 31] RFC 7517 JSON Web Key (JWK) May 2015

 106, 52, 115, 109, 45, 70, 112, 48, 111, 89, 117, 95, 110, 101, 111,
 116, 103, 81, 48, 104, 122, 98, 73, 53, 103, 114, 121, 55, 97, 106,
 100, 89, 121, 57, 45, 50, 108, 78, 120, 95, 55, 54, 97, 66, 90, 111,
 79, 85, 117, 57, 72, 67, 74, 45, 85, 115, 102, 83, 79, 73, 56, 34,
 125]

C.2. JOSE Header

 The following example JWE Protected Header declares that:
 o  the Content Encryption Key is encrypted to the recipient using the
    PSE2-HS256+A128KW algorithm to produce the JWE Encrypted Key,
 o  the Salt Input ("p2s") value is [217, 96, 147, 112, 150, 117, 70,
    247, 127, 8, 155, 137, 174, 42, 80, 215],
 o  the Iteration Count ("p2c") value is 4096,
 o  authenticated encryption is performed on the plaintext using the
    AES_128_CBC_HMAC_SHA_256 algorithm to produce the ciphertext and
    the Authentication Tag, and
 o  the content type is application/jwk+json.
   {
    "alg":"PBES2-HS256+A128KW",
    "p2s":"2WCTcJZ1Rvd_CJuJripQ1w",
    "p2c":4096,
    "enc":"A128CBC-HS256",
    "cty":"jwk+json"
   }
 Encoding this JWE Protected Header as BASE64URL(UTF8(JWE Protected
 Header)) gives this value (with line breaks for display purposes
 only):
   eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJwMnMiOiIyV0NUY0paMVJ2ZF9DSn
   VKcmlwUTF3IiwicDJjIjo0MDk2LCJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiY3R5Ijoi
   andrK2pzb24ifQ

C.3. Content Encryption Key (CEK)

 Generate a 256-bit random Content Encryption Key (CEK).  In this
 example, the value (using JSON array notation) is:
 [111, 27, 25, 52, 66, 29, 20, 78, 92, 176, 56, 240, 65, 208, 82, 112,
 161, 131, 36, 55, 202, 236, 185, 172, 129, 23, 153, 194, 195, 48,
 253, 182]

Jones Standards Track [Page 32] RFC 7517 JSON Web Key (JWK) May 2015

C.4. Key Derivation

 Derive a key from a shared passphrase using the PBKDF2 algorithm with
 HMAC SHA-256 and the specified Salt and Iteration Count values and a
 128-bit requested output key size to produce the PBKDF2 Derived Key.
 This example uses the following passphrase:
   Thus from my lips, by yours, my sin is purged.
 The octets representing the passphrase are:
 [84, 104, 117, 115, 32, 102, 114, 111, 109, 32, 109, 121, 32, 108,
 105, 112, 115, 44, 32, 98, 121, 32, 121, 111, 117, 114, 115, 44, 32,
 109, 121, 32, 115, 105, 110, 32, 105, 115, 32, 112, 117, 114, 103,
 101, 100, 46]
 The Salt value (UTF8(Alg) || 0x00 || Salt Input) is:
 [80, 66, 69, 83, 50, 45, 72, 83, 50, 53, 54, 43, 65, 49, 50, 56, 75,
 87, 0, 217, 96, 147, 112, 150, 117, 70, 247, 127, 8, 155, 137, 174,
 42, 80, 215].
 The resulting PBKDF2 Derived Key value is:
 [110, 171, 169, 92, 129, 92, 109, 117, 233, 242, 116, 233, 170, 14,
 24, 75]

C.5. Key Encryption

 Encrypt the CEK with the "A128KW" algorithm using the PBKDF2 Derived
 Key.  The resulting JWE Encrypted Key value is:
 [78, 186, 151, 59, 11, 141, 81, 240, 213, 245, 83, 211, 53, 188, 134,
 188, 66, 125, 36, 200, 222, 124, 5, 103, 249, 52, 117, 184, 140, 81,
 246, 158, 161, 177, 20, 33, 245, 57, 59, 4]
 Encoding this JWE Encrypted Key as BASE64URL(JWE Encrypted Key) gives
 this value:
   TrqXOwuNUfDV9VPTNbyGvEJ9JMjefAVn-TR1uIxR9p6hsRQh9Tk7BA

C.6. Initialization Vector

 Generate a random 128-bit JWE Initialization Vector.  In this
 example, the value is:
 [97, 239, 99, 214, 171, 54, 216, 57, 145, 72, 7, 93, 34, 31, 149,
 156]

Jones Standards Track [Page 33] RFC 7517 JSON Web Key (JWK) May 2015

 Encoding this JWE Initialization Vector as BASE64URL(JWE
 Initialization Vector) gives this value:
   Ye9j1qs22DmRSAddIh-VnA

C.7. Additional Authenticated Data

 Let the Additional Authenticated Data encryption parameter be
 ASCII(BASE64URL(UTF8(JWE Protected Header))).  This value is:
 [123, 34, 97, 108, 103, 34, 58, 34, 80, 66, 69, 83, 50, 45, 72, 83,
 50, 53, 54, 43, 65, 49, 50, 56, 75, 87, 34, 44, 34, 112, 50, 115, 34,
 58, 34, 50, 87, 67, 84, 99, 74, 90, 49, 82, 118, 100, 95, 67, 74,
 117, 74, 114, 105, 112, 81, 49, 119, 34, 44, 34, 112, 50, 99, 34, 58,
 52, 48, 57, 54, 44, 34, 101, 110, 99, 34, 58, 34, 65, 49, 50, 56, 67,
 66, 67, 45, 72, 83, 50, 53, 54, 34, 44, 34, 99, 116, 121, 34, 58, 34,
 106, 119, 107, 43, 106, 115, 111, 110, 34, 125]

C.8. Content Encryption

 Perform authenticated encryption on the plaintext with the
 AES_128_CBC_HMAC_SHA_256 algorithm using the CEK as the encryption
 key, the JWE Initialization Vector, and the Additional Authenticated
 Data value above.  The resulting ciphertext is:
 [3, 8, 65, 242, 92, 107, 148, 168, 197, 159, 77, 139, 25, 97, 42,
 131, 110, 199, 225, 56, 61, 127, 38, 64, 108, 91, 247, 167, 150, 98,
 112, 122, 99, 235, 132, 50, 28, 46, 56, 170, 169, 89, 220, 145, 38,
 157, 148, 224, 66, 140, 8, 169, 146, 117, 222, 54, 242, 28, 31, 11,
 129, 227, 226, 169, 66, 117, 133, 254, 140, 216, 115, 203, 131, 60,
 60, 47, 233, 132, 121, 13, 35, 188, 53, 19, 172, 77, 59, 54, 211,
 158, 172, 25, 60, 111, 0, 80, 201, 158, 160, 210, 68, 55, 12, 67,
 136, 130, 87, 216, 197, 95, 62, 20, 155, 205, 5, 140, 27, 168, 221,
 65, 114, 78, 157, 254, 46, 206, 182, 52, 135, 87, 239, 3, 34, 186,
 126, 220, 151, 17, 33, 237, 57, 96, 172, 183, 58, 45, 248, 103, 241,
 142, 136, 7, 53, 16, 173, 181, 7, 93, 92, 252, 1, 53, 212, 242, 8,
 255, 11, 239, 181, 24, 148, 136, 111, 24, 161, 244, 23, 106, 69, 157,
 215, 243, 189, 240, 166, 169, 249, 72, 38, 201, 99, 223, 173, 229, 9,
 222, 82, 79, 157, 176, 248, 85, 239, 121, 163, 1, 31, 48, 98, 206,
 61, 249, 104, 216, 201, 227, 105, 48, 194, 193, 10, 36, 160, 159,
 241, 166, 84, 54, 188, 211, 243, 242, 40, 46, 45, 193, 193, 160, 169,
 101, 201, 1, 73, 47, 105, 142, 88, 28, 42, 132, 26, 61, 58, 63, 142,
 243, 77, 26, 179, 153, 166, 46, 203, 208, 49, 55, 229, 34, 178, 4,
 109, 180, 204, 204, 115, 1, 103, 193, 5, 91, 215, 214, 195, 1, 110,
 208, 53, 144, 36, 105, 12, 54, 25, 129, 101, 15, 183, 150, 250, 147,
 115, 227, 58, 250, 5, 128, 232, 63, 15, 14, 19, 141, 124, 253, 142,
 137, 189, 135, 26, 44, 240, 27, 88, 132, 105, 127, 6, 71, 37, 41,
 124, 187, 165, 140, 34, 200, 123, 80, 228, 24, 231, 176, 132, 171,

Jones Standards Track [Page 34] RFC 7517 JSON Web Key (JWK) May 2015

 138, 145, 152, 116, 224, 50, 141, 51, 147, 91, 186, 7, 246, 106, 217,
 148, 244, 227, 244, 45, 220, 121, 165, 224, 148, 181, 17, 181, 128,
 197, 101, 237, 11, 169, 229, 149, 199, 78, 56, 15, 14, 190, 91, 216,
 222, 247, 213, 74, 40, 8, 96, 20, 168, 119, 96, 26, 24, 52, 37, 82,
 127, 57, 176, 147, 118, 59, 7, 224, 33, 117, 72, 155, 29, 82, 26,
 215, 189, 140, 119, 28, 152, 118, 93, 222, 194, 192, 148, 115, 83,
 253, 216, 212, 108, 88, 83, 175, 172, 220, 97, 79, 110, 42, 223, 170,
 161, 34, 164, 144, 193, 76, 122, 92, 160, 41, 178, 175, 6, 35, 96,
 113, 96, 158, 90, 129, 101, 26, 45, 70, 180, 189, 230, 15, 5, 247,
 150, 209, 94, 171, 26, 13, 142, 212, 129, 1, 176, 5, 0, 112, 203,
 174, 185, 119, 76, 233, 189, 54, 172, 189, 245, 223, 253, 205, 12,
 88, 9, 126, 157, 225, 90, 40, 229, 191, 63, 30, 160, 224, 69, 3, 140,
 109, 70, 89, 37, 213, 245, 194, 210, 180, 188, 63, 210, 139, 221, 2,
 144, 200, 20, 177, 216, 29, 227, 242, 106, 12, 135, 142, 139, 144,
 82, 225, 162, 171, 176, 108, 99, 6, 43, 193, 161, 116, 234, 216, 1,
 242, 21, 124, 162, 98, 205, 124, 193, 38, 12, 242, 90, 101, 76, 204,
 184, 124, 58, 180, 16, 240, 26, 76, 195, 250, 212, 191, 185, 191, 97,
 198, 186, 73, 225, 75, 14, 90, 123, 121, 172, 101, 50, 160, 221, 141,
 253, 205, 126, 77, 9, 87, 198, 110, 104, 182, 141, 120, 51, 25, 232,
 3, 32, 80, 6, 156, 8, 18, 4, 135, 221, 142, 25, 135, 2, 129, 132,
 115, 227, 74, 141, 28, 119, 11, 141, 117, 134, 198, 62, 150, 254, 97,
 75, 197, 251, 99, 89, 204, 224, 226, 67, 83, 175, 89, 0, 81, 29, 38,
 207, 89, 140, 255, 197, 177, 164, 128, 62, 116, 224, 180, 109, 169,
 28, 2, 59, 176, 130, 252, 44, 178, 81, 24, 181, 176, 75, 44, 61, 91,
 12, 37, 21, 255, 83, 130, 197, 16, 231, 60, 217, 56, 131, 118, 168,
 202, 58, 52, 84, 124, 162, 185, 174, 162, 226, 242, 112, 68, 246,
 202, 16, 208, 52, 154, 58, 129, 80, 102, 33, 171, 6, 186, 177, 14,
 195, 88, 136, 6, 0, 155, 28, 100, 162, 207, 162, 222, 117, 248, 170,
 208, 114, 87, 31, 57, 176, 33, 57, 83, 253, 12, 168, 110, 194, 59,
 22, 86, 48, 227, 196, 22, 176, 218, 122, 149, 21, 249, 195, 178, 174,
 250, 20, 34, 120, 60, 139, 201, 99, 40, 18, 177, 17, 54, 54, 6, 3,
 222, 128, 160, 88, 11, 27, 0, 81, 192, 36, 41, 169, 146, 8, 47, 64,
 136, 28, 64, 209, 67, 135, 202, 20, 234, 182, 91, 204, 146, 195, 187,
 0, 72, 77, 11, 111, 152, 204, 252, 177, 212, 89, 33, 50, 132, 184,
 44, 183, 186, 19, 250, 69, 176, 201, 102, 140, 14, 143, 212, 212,
 160, 123, 208, 185, 27, 155, 68, 77, 133, 198, 2, 126, 155, 215, 22,
 91, 30, 217, 176, 172, 244, 156, 174, 143, 75, 90, 21, 102, 1, 160,
 59, 253, 188, 88, 57, 185, 197, 83, 24, 22, 180, 174, 47, 207, 52, 1,
 141, 146, 119, 233, 68, 228, 224, 228, 193, 248, 155, 202, 90, 7,
 213, 88, 33, 108, 107, 14, 86, 8, 120, 250, 58, 142, 35, 164, 238,
 221, 219, 35, 123, 88, 199, 192, 143, 104, 83, 17, 166, 243, 247, 11,
 166, 67, 68, 204, 132, 23, 110, 103, 228, 14, 55, 122, 88, 57, 180,
 178, 237, 52, 130, 214, 245, 102, 123, 67, 73, 175, 1, 127, 112, 148,
 94, 132, 164, 197, 153, 217, 87, 25, 89, 93, 63, 22, 66, 166, 90,
 251, 101, 10, 145, 66, 17, 124, 36, 255, 165, 226, 97, 16, 86, 112,
 154, 88, 105, 253, 56, 209, 229, 122, 103, 51, 24, 228, 190, 3, 236,
 48, 182, 121, 176, 140, 128, 117, 87, 251, 224, 37, 23, 248, 21, 218,
 85, 251, 136, 84, 147, 143, 144, 46, 155, 183, 251, 89, 86, 23, 26,

Jones Standards Track [Page 35] RFC 7517 JSON Web Key (JWK) May 2015

 237, 100, 167, 32, 130, 173, 237, 89, 55, 110, 70, 142, 127, 65, 230,
 208, 109, 69, 19, 253, 84, 130, 130, 193, 92, 58, 108, 150, 42, 136,
 249, 234, 86, 241, 182, 19, 117, 246, 26, 181, 92, 101, 155, 44, 103,
 235, 173, 30, 140, 90, 29, 183, 190, 77, 53, 206, 127, 5, 87, 8, 187,
 184, 92, 4, 157, 22, 18, 105, 251, 39, 88, 182, 181, 103, 148, 233,
 6, 63, 70, 188, 7, 101, 216, 127, 77, 31, 12, 233, 7, 147, 106, 30,
 150, 77, 145, 13, 205, 48, 56, 245, 220, 89, 252, 127, 51, 180, 36,
 31, 55, 18, 214, 230, 254, 217, 197, 65, 247, 27, 215, 117, 247, 108,
 157, 121, 11, 63, 150, 195, 83, 6, 134, 242, 41, 24, 105, 204, 5, 63,
 192, 14, 159, 113, 72, 140, 128, 51, 215, 80, 215, 39, 149, 94, 79,
 128, 34, 5, 129, 82, 83, 121, 187, 37, 146, 27, 32, 177, 167, 71, 9,
 195, 30, 199, 196, 205, 252, 207, 69, 8, 120, 27, 190, 51, 43, 75,
 249, 234, 167, 116, 206, 203, 199, 43, 108, 87, 48, 155, 140, 228,
 210, 85, 25, 161, 96, 67, 8, 205, 64, 39, 75, 88, 44, 238, 227, 16,
 0, 100, 93, 129, 18, 4, 149, 50, 68, 72, 99, 35, 111, 254, 27, 102,
 175, 108, 233, 87, 181, 44, 169, 18, 139, 79, 208, 14, 202, 192, 5,
 162, 222, 231, 149, 24, 211, 49, 120, 101, 39, 206, 87, 147, 204,
 200, 251, 104, 115, 5, 127, 117, 195, 79, 151, 18, 224, 52, 0, 245,
 4, 85, 255, 103, 217, 0, 116, 198, 80, 91, 167, 192, 154, 199, 197,
 149, 237, 51, 2, 131, 30, 226, 95, 105, 48, 68, 135, 208, 144, 120,
 176, 145, 157, 8, 171, 80, 94, 61, 92, 92, 220, 157, 13, 138, 51, 23,
 185, 124, 31, 77, 1, 87, 241, 43, 239, 55, 122, 86, 210, 48, 208,
 204, 112, 144, 80, 147, 106, 219, 47, 253, 31, 134, 176, 16, 135,
 219, 95, 17, 129, 83, 236, 125, 136, 112, 86, 228, 252, 71, 129, 218,
 174, 156, 236, 12, 27, 159, 11, 138, 252, 253, 207, 31, 115, 214,
 118, 239, 203, 16, 211, 205, 99, 22, 51, 163, 107, 162, 246, 199, 67,
 127, 34, 108, 197, 53, 117, 58, 199, 3, 190, 74, 70, 190, 65, 235,
 175, 97, 157, 215, 252, 189, 245, 100, 229, 248, 46, 90, 126, 237, 4,
 159, 128, 58, 7, 156, 236, 69, 191, 85, 240, 179, 224, 249, 152, 49,
 195, 223, 60, 78, 186, 157, 155, 217, 58, 105, 116, 164, 217, 111,
 215, 150, 218, 252, 84, 86, 248, 140, 240, 226, 61, 106, 208, 95, 60,
 163, 6, 0, 235, 253, 162, 96, 62, 234, 251, 249, 35, 21, 7, 211, 233,
 86, 50, 33, 203, 67, 248, 60, 190, 123, 48, 167, 226, 90, 191, 71,
 56, 183, 165, 17, 85, 76, 238, 140, 211, 168, 53, 223, 194, 4, 97,
 149, 156, 120, 137, 76, 33, 229, 243, 194, 208, 198, 202, 139, 28,
 114, 46, 224, 92, 254, 83, 100, 134, 158, 92, 70, 78, 61, 62, 138,
 24, 173, 216, 66, 198, 70, 254, 47, 59, 193, 53, 6, 139, 19, 153,
 253, 28, 199, 122, 160, 27, 67, 234, 209, 227, 139, 4, 50, 7, 178,
 183, 89, 252, 32, 128, 137, 55, 52, 29, 89, 12, 111, 42, 181, 51,
 170, 132, 132, 207, 170, 228, 254, 178, 213, 0, 136, 175, 8]
 The resulting Authentication Tag value is:
 [208, 113, 102, 132, 236, 236, 67, 223, 39, 53, 98, 99, 32, 121, 17,
 236]

Jones Standards Track [Page 36] RFC 7517 JSON Web Key (JWK) May 2015

 Encoding this JWE Ciphertext as BASE64URL(JWE Ciphertext) gives this
 value (with line breaks for display purposes only):
   AwhB8lxrlKjFn02LGWEqg27H4Tg9fyZAbFv3p5ZicHpj64QyHC44qqlZ3JEmnZTgQo
   wIqZJ13jbyHB8LgePiqUJ1hf6M2HPLgzw8L-mEeQ0jvDUTrE07NtOerBk8bwBQyZ6g
   0kQ3DEOIglfYxV8-FJvNBYwbqN1Bck6d_i7OtjSHV-8DIrp-3JcRIe05YKy3Oi34Z_
   GOiAc1EK21B11c_AE11PII_wvvtRiUiG8YofQXakWd1_O98Kap-UgmyWPfreUJ3lJP
   nbD4Ve95owEfMGLOPflo2MnjaTDCwQokoJ_xplQ2vNPz8iguLcHBoKllyQFJL2mOWB
   wqhBo9Oj-O800as5mmLsvQMTflIrIEbbTMzHMBZ8EFW9fWwwFu0DWQJGkMNhmBZQ-3
   lvqTc-M6-gWA6D8PDhONfP2Oib2HGizwG1iEaX8GRyUpfLuljCLIe1DkGOewhKuKkZ
   h04DKNM5Nbugf2atmU9OP0Ldx5peCUtRG1gMVl7Qup5ZXHTjgPDr5b2N731UooCGAU
   qHdgGhg0JVJ_ObCTdjsH4CF1SJsdUhrXvYx3HJh2Xd7CwJRzU_3Y1GxYU6-s3GFPbi
   rfqqEipJDBTHpcoCmyrwYjYHFgnlqBZRotRrS95g8F95bRXqsaDY7UgQGwBQBwy665
   d0zpvTasvfXf_c0MWAl-neFaKOW_Px6g4EUDjG1GWSXV9cLStLw_0ovdApDIFLHYHe
   PyagyHjouQUuGiq7BsYwYrwaF06tgB8hV8omLNfMEmDPJaZUzMuHw6tBDwGkzD-tS_
   ub9hxrpJ4UsOWnt5rGUyoN2N_c1-TQlXxm5oto14MxnoAyBQBpwIEgSH3Y4ZhwKBhH
   PjSo0cdwuNdYbGPpb-YUvF-2NZzODiQ1OvWQBRHSbPWYz_xbGkgD504LRtqRwCO7CC
   _CyyURi1sEssPVsMJRX_U4LFEOc82TiDdqjKOjRUfKK5rqLi8nBE9soQ0DSaOoFQZi
   GrBrqxDsNYiAYAmxxkos-i3nX4qtByVx85sCE5U_0MqG7COxZWMOPEFrDaepUV-cOy
   rvoUIng8i8ljKBKxETY2BgPegKBYCxsAUcAkKamSCC9AiBxA0UOHyhTqtlvMksO7AE
   hNC2-YzPyx1FkhMoS4LLe6E_pFsMlmjA6P1NSge9C5G5tETYXGAn6b1xZbHtmwrPSc
   ro9LWhVmAaA7_bxYObnFUxgWtK4vzzQBjZJ36UTk4OTB-JvKWgfVWCFsaw5WCHj6Oo
   4jpO7d2yN7WMfAj2hTEabz9wumQ0TMhBduZ-QON3pYObSy7TSC1vVme0NJrwF_cJRe
   hKTFmdlXGVldPxZCplr7ZQqRQhF8JP-l4mEQVnCaWGn9ONHlemczGOS-A-wwtnmwjI
   B1V_vgJRf4FdpV-4hUk4-QLpu3-1lWFxrtZKcggq3tWTduRo5_QebQbUUT_VSCgsFc
   OmyWKoj56lbxthN19hq1XGWbLGfrrR6MWh23vk01zn8FVwi7uFwEnRYSafsnWLa1Z5
   TpBj9GvAdl2H9NHwzpB5NqHpZNkQ3NMDj13Fn8fzO0JB83Etbm_tnFQfcb13X3bJ15
   Cz-Ww1MGhvIpGGnMBT_ADp9xSIyAM9dQ1yeVXk-AIgWBUlN5uyWSGyCxp0cJwx7HxM
   38z0UIeBu-MytL-eqndM7LxytsVzCbjOTSVRmhYEMIzUAnS1gs7uMQAGRdgRIElTJE
   SGMjb_4bZq9s6Ve1LKkSi0_QDsrABaLe55UY0zF4ZSfOV5PMyPtocwV_dcNPlxLgNA
   D1BFX_Z9kAdMZQW6fAmsfFle0zAoMe4l9pMESH0JB4sJGdCKtQXj1cXNydDYozF7l8
   H00BV_Er7zd6VtIw0MxwkFCTatsv_R-GsBCH218RgVPsfYhwVuT8R4HarpzsDBufC4
   r8_c8fc9Z278sQ081jFjOja6L2x0N_ImzFNXU6xwO-Ska-QeuvYZ3X_L31ZOX4Llp-
   7QSfgDoHnOxFv1Xws-D5mDHD3zxOup2b2TppdKTZb9eW2vxUVviM8OI9atBfPKMGAO
   v9omA-6vv5IxUH0-lWMiHLQ_g8vnswp-Jav0c4t6URVUzujNOoNd_CBGGVnHiJTCHl
   88LQxsqLHHIu4Fz-U2SGnlxGTj0-ihit2ELGRv4vO8E1BosTmf0cx3qgG0Pq0eOLBD
   IHsrdZ_CCAiTc0HVkMbyq1M6qEhM-q5P6y1QCIrwg
 Encoding this JWE Authentication Tag as BASE64URL(JWE Authentication
 Tag) gives this value:
   0HFmhOzsQ98nNWJjIHkR7A

Jones Standards Track [Page 37] RFC 7517 JSON Web Key (JWK) May 2015

C.9. Complete Representation

 Assemble the final representation: The JWE Compact Serialization of
 this result, as defined in Section 7.1 of [JWE], is the string
 BASE64URL(UTF8(JWE Protected Header)) || '.' || BASE64URL(JWE
 Encrypted Key) || '.' || BASE64URL(JWE Initialization Vector) || '.'
 || BASE64URL(JWE Ciphertext) || '.' || BASE64URL(JWE Authentication
 Tag).

Jones Standards Track [Page 38] RFC 7517 JSON Web Key (JWK) May 2015

 The final result in this example (with line breaks for display
 purposes only) is:
   eyJhbGciOiJQQkVTMi1IUzI1NitBMTI4S1ciLCJwMnMiOiIyV0NUY0paMVJ2ZF9DSn
   VKcmlwUTF3IiwicDJjIjo0MDk2LCJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiY3R5Ijoi
   andrK2pzb24ifQ.
   TrqXOwuNUfDV9VPTNbyGvEJ9JMjefAVn-TR1uIxR9p6hsRQh9Tk7BA.
   Ye9j1qs22DmRSAddIh-VnA.
   AwhB8lxrlKjFn02LGWEqg27H4Tg9fyZAbFv3p5ZicHpj64QyHC44qqlZ3JEmnZTgQo
   wIqZJ13jbyHB8LgePiqUJ1hf6M2HPLgzw8L-mEeQ0jvDUTrE07NtOerBk8bwBQyZ6g
   0kQ3DEOIglfYxV8-FJvNBYwbqN1Bck6d_i7OtjSHV-8DIrp-3JcRIe05YKy3Oi34Z_
   GOiAc1EK21B11c_AE11PII_wvvtRiUiG8YofQXakWd1_O98Kap-UgmyWPfreUJ3lJP
   nbD4Ve95owEfMGLOPflo2MnjaTDCwQokoJ_xplQ2vNPz8iguLcHBoKllyQFJL2mOWB
   wqhBo9Oj-O800as5mmLsvQMTflIrIEbbTMzHMBZ8EFW9fWwwFu0DWQJGkMNhmBZQ-3
   lvqTc-M6-gWA6D8PDhONfP2Oib2HGizwG1iEaX8GRyUpfLuljCLIe1DkGOewhKuKkZ
   h04DKNM5Nbugf2atmU9OP0Ldx5peCUtRG1gMVl7Qup5ZXHTjgPDr5b2N731UooCGAU
   qHdgGhg0JVJ_ObCTdjsH4CF1SJsdUhrXvYx3HJh2Xd7CwJRzU_3Y1GxYU6-s3GFPbi
   rfqqEipJDBTHpcoCmyrwYjYHFgnlqBZRotRrS95g8F95bRXqsaDY7UgQGwBQBwy665
   d0zpvTasvfXf_c0MWAl-neFaKOW_Px6g4EUDjG1GWSXV9cLStLw_0ovdApDIFLHYHe
   PyagyHjouQUuGiq7BsYwYrwaF06tgB8hV8omLNfMEmDPJaZUzMuHw6tBDwGkzD-tS_
   ub9hxrpJ4UsOWnt5rGUyoN2N_c1-TQlXxm5oto14MxnoAyBQBpwIEgSH3Y4ZhwKBhH
   PjSo0cdwuNdYbGPpb-YUvF-2NZzODiQ1OvWQBRHSbPWYz_xbGkgD504LRtqRwCO7CC
   _CyyURi1sEssPVsMJRX_U4LFEOc82TiDdqjKOjRUfKK5rqLi8nBE9soQ0DSaOoFQZi
   GrBrqxDsNYiAYAmxxkos-i3nX4qtByVx85sCE5U_0MqG7COxZWMOPEFrDaepUV-cOy
   rvoUIng8i8ljKBKxETY2BgPegKBYCxsAUcAkKamSCC9AiBxA0UOHyhTqtlvMksO7AE
   hNC2-YzPyx1FkhMoS4LLe6E_pFsMlmjA6P1NSge9C5G5tETYXGAn6b1xZbHtmwrPSc
   ro9LWhVmAaA7_bxYObnFUxgWtK4vzzQBjZJ36UTk4OTB-JvKWgfVWCFsaw5WCHj6Oo
   4jpO7d2yN7WMfAj2hTEabz9wumQ0TMhBduZ-QON3pYObSy7TSC1vVme0NJrwF_cJRe
   hKTFmdlXGVldPxZCplr7ZQqRQhF8JP-l4mEQVnCaWGn9ONHlemczGOS-A-wwtnmwjI
   B1V_vgJRf4FdpV-4hUk4-QLpu3-1lWFxrtZKcggq3tWTduRo5_QebQbUUT_VSCgsFc
   OmyWKoj56lbxthN19hq1XGWbLGfrrR6MWh23vk01zn8FVwi7uFwEnRYSafsnWLa1Z5
   TpBj9GvAdl2H9NHwzpB5NqHpZNkQ3NMDj13Fn8fzO0JB83Etbm_tnFQfcb13X3bJ15
   Cz-Ww1MGhvIpGGnMBT_ADp9xSIyAM9dQ1yeVXk-AIgWBUlN5uyWSGyCxp0cJwx7HxM
   38z0UIeBu-MytL-eqndM7LxytsVzCbjOTSVRmhYEMIzUAnS1gs7uMQAGRdgRIElTJE
   SGMjb_4bZq9s6Ve1LKkSi0_QDsrABaLe55UY0zF4ZSfOV5PMyPtocwV_dcNPlxLgNA
   D1BFX_Z9kAdMZQW6fAmsfFle0zAoMe4l9pMESH0JB4sJGdCKtQXj1cXNydDYozF7l8
   H00BV_Er7zd6VtIw0MxwkFCTatsv_R-GsBCH218RgVPsfYhwVuT8R4HarpzsDBufC4
   r8_c8fc9Z278sQ081jFjOja6L2x0N_ImzFNXU6xwO-Ska-QeuvYZ3X_L31ZOX4Llp-
   7QSfgDoHnOxFv1Xws-D5mDHD3zxOup2b2TppdKTZb9eW2vxUVviM8OI9atBfPKMGAO
   v9omA-6vv5IxUH0-lWMiHLQ_g8vnswp-Jav0c4t6URVUzujNOoNd_CBGGVnHiJTCHl
   88LQxsqLHHIu4Fz-U2SGnlxGTj0-ihit2ELGRv4vO8E1BosTmf0cx3qgG0Pq0eOLBD
   IHsrdZ_CCAiTc0HVkMbyq1M6qEhM-q5P6y1QCIrwg.
   0HFmhOzsQ98nNWJjIHkR7A

Jones Standards Track [Page 39] RFC 7517 JSON Web Key (JWK) May 2015

Acknowledgements

 A JSON representation for RSA public keys was previously introduced
 by John Panzer, Ben Laurie, and Dirk Balfanz in Magic Signatures
 [MagicSignatures].
 Thanks to Matt Miller for creating the encrypted key example and to
 Edmund Jay and Brian Campbell for validating the example.
 This specification is the work of the JOSE working group, which
 includes dozens of active and dedicated participants.  In particular,
 the following individuals contributed ideas, feedback, and wording
 that influenced this specification:
 Dirk Balfanz, Richard Barnes, John Bradley, Brian Campbell, Breno de
 Medeiros, Stephen Farrell, Joe Hildebrand, Edmund Jay, Stephen Kent,
 Ben Laurie, James Manger, Matt Miller, Kathleen Moriarty, Chuck
 Mortimore, Tony Nadalin, Axel Nennker, John Panzer, Eric Rescorla,
 Pete Resnick, Nat Sakimura, Jim Schaad, Ryan Sleevi, Paul Tarjan,
 Hannes Tschofenig, and Sean Turner.
 Jim Schaad and Karen O'Donoghue chaired the JOSE working group and
 Sean Turner, Stephen Farrell, and Kathleen Moriarty served as
 Security Area Directors during the creation of this specification.

Author's Address

 Michael B. Jones
 Microsoft
 EMail: mbj@microsoft.com
 URI:   http://self-issued.info/

Jones Standards Track [Page 40]

/data/webs/external/dokuwiki/data/pages/rfc/rfc7517.txt · Last modified: 2015/05/19 23:19 by 127.0.0.1

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki