Ping Identity Ping Identity individual The JOSE set of standards established JSON-based container formats for signatures (https://datatracker.ietf.org/doc/rfc7515/) over a content payload using established algorithms (https://datatracker.ietf.org/doc/rfc7518/). Newer algorithms are emerging which allow for additional operations on content, such as a party (other than the signer) choosing not to disclose some of the integrity-protected content. However, these algorithms often support granularity at the individual message level, creating a need to define a way to support expressing multiple content payloads as part of a single message. This document defines a new operational mode for JSON Web Signatures that operates on a protected header and multiple binary content payloads to provide the expressivity needed for this class of algorithm. It also describes how multiple content payloads can be expressed in a manner compatible with pre-existing algorithms, albeit without the operational capabilities of newer algorithms.