Technical Summary
This document defines a method for computing a hash value over a JSON Web Key
structure. The document describes what the subset of fields in a key to be used are,
the method of creating a canonical form for those fields, and how to convert the
resulting UNICODE string into a byte sequence appropriate for hashing.
Working Group Summary
The document has clear working group consensus for publication, and has been
reviewed by several WG participants since its initial adoption as a working group
item. There was some discussion over the form and content of the string to be
hashed. Some people advocated for the use of the current X.509 SPKI structure and
some over use a string that was not a JSON structure. This discussion ended without
conclusion and thus the original proposal advanced.
Document Quality
Some in the OpenID community have implemented.
- NRI implemented as a part of Self-Issued OpenID Connect provider http://openid.net/specs/openid-connect-core-1_0.html#SelfIssued
- Deutsche Telekom Laboratories implemented
Personnel
Karen O'Donoghue is acting as the Document Shepherd. Kathleen Moriarty is the
Responsible Area Director.
IANA Note
This draft adds instructions for Designated experts to the process for additions to the following existing registries:
o JSON Web Key Types
o JSON Web Key Elliptic Curve
o JSON Web Key Parameters