2. Terminology

The terms "JSON Web Signature (JWS)", "Base64url Encoding", "Collision-Resistant Name", "Header Parameter", and "JOSE Header" are defined by the JWS specification [JWS].

The terms "JSON Web Encryption (JWE)", "Additional Authenticated Data (AAD)", "JWE Authentication Tag", "JWE Ciphertext", "JWE Compact Serialization", "JWE Encrypted Key", "JWE Initialization Vector", and "JWE Protected Header" are defined by the JWE specification [JWE].

The terms "Ciphertext", "Digital Signature", "Message Authentication Code (MAC)", and "Plaintext" are defined by the "Internet Security Glossary, Version 2" [RFC4949].

These terms are defined by this specification:

JSON Web Key (JWK) : A JSON object that represents a cryptographic key. The members of the object represent properties of the key, including its value.

JWK Set : A JSON object that represents a set of JWKs. The JSON object MUST have a "keys" member, which is an array of JWKs.