JSON Web Key (JWK)
RFC 7517

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: RFC Editor <rfc-editor@rfc-editor.org>,
    jose mailing list <jose@ietf.org>,
    jose chair <jose-chairs@tools.ietf.org>
Subject: Protocol Action: 'JSON Web Key (JWK)' to Proposed Standard (draft-ietf-jose-json-web-key-41.txt)

The IESG has approved the following document:
- 'JSON Web Key (JWK)'
  (draft-ietf-jose-json-web-key-41.txt) as Proposed Standard

This document is the product of the Javascript Object Signing and
Encryption Working Group.

The IESG contact persons are Kathleen Moriarty and Stephen Farrell.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-ietf-jose-json-web-key/


Technical Summary

This document, JSON Web Encryption (JWE), represents encrypted content using 
JavaScript Object Notation (JSON) based data structures. 

Working Group Summary

The document has clear working group consensus for publication, and has been 
reviewed by several WG participants since its initial adoption as a working group 
item.

Document Quality

This document has been reviewed and revised many times. There are multiple 
implementations of this document. Some of these are listed at: 
https://openid.net/developers/libraries/ (see the JWT/JWS/JWE/JWK/JWA 
Implementations section). 

The IETF last call reviews were mostly addressed, but there are a few items 
that should be addressed in the next revision that were agreed to already in the 
SecDir review.
http://www.ietf.org/mail-archive/web/secdir/current/msg05104.html

The discussion on duplicate member names applies to this draft and is unresolved.
WG consensus has been to leave the text as-is, although new options have surfaced.
Opinions are welcome. 
http://www.ietf.org/mail-archive/web/secdir/current/msg05111.html

Personnel

Karen O'Donoghue is acting as the Document Shepherd.  Kathleen Moriarty is the 
Responsible Area Director. 


IANA Note

  'The registries use the 5226 'Specification Required'
   registration policy.'

RFC Editor Note: 

This draft is part of a set of drafts that cross 2 working groups. I am 
working through the reviews (shepherd just confirmed them for the OAuth 
ones) and would like them processed as a set. The JOSE drafts will 
hopefully be ready shortly as well. The set includes (in order):

1 draft-ietf-jose-json-web-signature
2 draft-ietf-jose-json-web-encryption
3 draft-ietf-jose-json-web-key
4 draft-ietf-jose-json-web-algorithms
5 draft-ietf-oauth-json-web-token
6 draft-ietf-jose-cookbook
7 draft-ietf-oauth-assertions
8 draft-ietf-oauth-saml2-bearer
9 draft-ietf-oauth-jwt-bearer