JSON Web Algorithms (JWA)
draft-ietf-jose-json-web-algorithms-40

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: RFC Editor <rfc-editor@rfc-editor.org>,
    jose mailing list <jose@ietf.org>,
    jose chair <jose-chairs@tools.ietf.org>
Subject: Protocol Action: 'JSON Web Algorithms (JWA)' to Proposed Standard (draft-ietf-jose-json-web-algorithms-40.txt)

The IESG has approved the following document:
- 'JSON Web Algorithms (JWA)'
  (draft-ietf-jose-json-web-algorithms-40.txt) as Proposed Standard

This document is the product of the Javascript Object Signing and
Encryption Working Group.

The IESG contact persons are Kathleen Moriarty and Stephen Farrell.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-jose-json-web-algorithms/

Ballot Text

Technical Summary

This document, the JSON Web Algorithms (JWA) specification, registers 
cryptographic algorithms and identifiers to be used with the JSON Web 
Signature (JWS), JSON Web Encryption (JWE), and JSON Web Key (JWK) 
specifications.  It establishes several IANA registries for these identifiers.

Working Group Summary

The document has clear working group consensus for publication, and has 
been reviewed by several WG participants since its initial adoption as a 
working group item. The question of what cryptographic algorithms should be 
included was somewhat difficult as it is for any process trying to determine 
which algorithms should be included. The considerations included what is 
implemented, available, broadly used, and adequate from a security 
perspective. The issue of algorithms that are potentially less desirable but 
more broadly implemented was considered.

The IETF last call revisited a couple of sticky points across the set of drafts
for JOSE in review.  For this draft, JWA, a few additional changes were made 
to improve terminology for the most part with working group agreement.

Document Quality

This document has been reviewed and revised many times. There are multiple 
implementations of this document. Some of these are listed at: 
https://openid.net/developers/libraries/ (see the JWT/JWS/JWE/JWK/JWA 
Implementations section).

Contributors are acknowledged in the Acknowledgment section as well as in the 
detailed change log.

Personnel

Karen O'Donoghue is acting as the Document Shepherd.  Kathleen Moriarty is 
the Responsible Area Director. 

   If the document requires IANA
   experts(s), insert 'The registries use the 5226 'Specification Required'
   registration policy."

RFC Editor Note

This draft is part of a set of drafts that cross 2 working groups. I am 
working through the reviews (shepherd just confirmed them for the OAuth 
ones) and would like them processed as a set. The JOSE drafts will 
hopefully be ready shortly as well. The set includes (in order):

1 draft-ietf-jose-json-web-signature
2 draft-ietf-jose-json-web-encryption
3 draft-ietf-jose-json-web-key
4 draft-ietf-jose-json-web-algorithms
5 draft-ietf-oauth-json-web-token
6 draft-ietf-jose-cookbook
7 draft-ietf-oauth-assertions
8 draft-ietf-oauth-saml2-bearer
9 draft-ietf-oauth-jwt-bearer

RFC Editor Note