RFC 7515 - JSON Web Signature (JWS)
Published: May 2015
Status: Standards Track
Authors: M. Jones (Microsoft), J. Bradley (Ping Identity), N. Sakimura (NRI)
Abstract
JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based data structures. Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) specification and an IANA registry defined by that specification. Related encryption capabilities are described in the separate JSON Web Encryption (JWE) specification.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7515.
Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
Contents
- 1. Introduction
- 1.1 Notational Conventions
- 2. Terminology
- 3. JSON Web Signature (JWS) Overview
- 3.1 JWS Compact Serialization Overview
- 3.2 JWS JSON Serialization Overview
- 3.3 Example JWS
- 4. JOSE Header
- 4.1 Registered Header Parameter Names
- 4.1.1 "alg" (Algorithm) Header Parameter
- 4.1.2 "jku" (JWK Set URL) Header Parameter
- 4.1.3 "jwk" (JSON Web Key) Header Parameter
- 4.1.4 "kid" (Key ID) Header Parameter
- 4.1.5 "x5u" (X.509 URL) Header Parameter
- 4.1.6 "x5c" (X.509 Certificate Chain) Header Parameter
- 4.1.7 "x5t" (X.509 Certificate SHA-1 Thumbprint) Header Parameter
- 4.1.8 "x5t#S256" (X.509 Certificate SHA-256 Thumbprint) Header Parameter
- 4.1.9 "typ" (Type) Header Parameter
- 4.1.10 "cty" (Content Type) Header Parameter
- 4.1.11 "crit" (Critical) Header Parameter
- 4.2 Public Header Parameter Names
- 4.3 Private Header Parameter Names
- 4.1 Registered Header Parameter Names
- 5. Producing and Consuming JWSs
- 5.1 Message Signature or MAC Computation
- 5.2 Message Signature or MAC Validation
- 5.3 String Comparison Rules
- 6. Key Identification
- 7. Serializations
- 7.1 JWS Compact Serialization
- 7.2 JWS JSON Serialization
- 7.2.1 General JWS JSON Serialization Syntax
- 7.2.2 Flattened JWS JSON Serialization Syntax
- 8. TLS Requirements
- 9. IANA Considerations
- 9.1 JSON Web Signature and Encryption Header Parameters Registry
- 9.1.1 Registration Template
- 9.1.2 Initial Registry Contents
- 9.2 Media Type Registration
- 9.2.1 Registry Contents
- 9.1 JSON Web Signature and Encryption Header Parameters Registry
- 10. Security Considerations
- 10.1 Key Entropy and Random Values
- 10.2 Key Protection
- 10.3 Key Origin Authentication
- 10.4 Cryptographic Agility
- 10.5 Differences between Digital Signatures and MACs
- 10.6 Algorithm Validation
- 10.7 Algorithm Protection
- 10.8 Chosen Plaintext Attacks
- 10.9 Timing Attacks
- 10.10 Replay Protection
- 10.11 SHA-1 Certificate Thumbprints
- 10.12 JSON Security Considerations
- 10.13 Unicode Comparison Security Considerations
- 11. References
- 11.1 Normative References
- 11.2 Informative References
Appendices
- Appendix A. JWS Examples
- A.1 Example JWS Using HMAC SHA-256
- A.1.1 Encoding
- A.1.2 Validating
- A.2 Example JWS Using RSASSA-PKCS1-v1_5 SHA-256
- A.2.1 Encoding
- A.2.2 Validating
- A.3 Example JWS Using ECDSA P-256 SHA-256
- A.3.1 Encoding
- A.3.2 Validating
- A.4 Example JWS Using ECDSA P-521 SHA-512
- A.4.1 Encoding
- A.4.2 Validating
- A.5 Example Unsecured JWS
- A.6 Example JWS Using General JWS JSON Serialization
- A.6.1 JWS Per-Signature Protected Headers
- A.6.2 JWS Per-Signature Unprotected Headers
- A.6.3 Complete JOSE Header Values
- A.6.4 Complete JWS JSON Serialization Representation
- A.7 Example JWS Using Flattened JWS JSON Serialization
- A.1 Example JWS Using HMAC SHA-256
- Appendix B. "x5c" (X.509 Certificate Chain) Example
- Appendix C. Notes on Implementing base64url Encoding without Padding
- Appendix D. Notes on Key Selection
- Appendix E. Negative Test Case for "crit" Header Parameter
- Appendix F. Detached Content
- Acknowledgements
Related Resources
- Official Text:
https://www.rfc-editor.org/rfc/rfc7515.txt - Official Page:
https://datatracker.ietf.org/doc/html/rfc7515 - Errata:
https://www.rfc-editor.org/errata_search.php?rfc=7515