Add guidance around using JWK #220

Merged
merged 9 commits into from
Feb 16, 2024
23 changes: 15 additions & 8 deletions index.html
@@ -820,13 +820,25 @@ <h3>JsonWebKey</h3>
</dd>
<dt><dfn class="lint-ignore">publicKeyJwk</dfn></dt>
<dd>
<p>
The `publicKeyJwk` property is REQUIRED, and its value MUST
be a JSON Web Key that conforms to [[RFC7517]].
It is RECOMMENDED that verification methods that use
JWKs [[RFC7517]] to represent their <a>public keys</a> use the value of `kid` as
their fragment identifier. It is RECOMMENDED that JWK `kid` values be set to
the public key fingerprint [[RFC7638]]. See the first key in the example below
for an instance of a public key with a compound key identifier.
</p>
<p>
The `alg` property identifies the algorithm intended
for use with the public key. Although optional, it is RECOMMENDED that `alg`
be included, to avoid security issues arising from using the same key with multiple
algorithms. If describing a key using an elliptic curve, the `crv` property is used
to identify the particular curve type of the public key. The `kid` property is a hint
used to help discover the key; if present, the `kid` value SHOULD match, or be included
in, the `id` property of the encapsulating `JsonWebKey` object, as part of the path, query,
or fragment of the URL.
</p>
</dd>
<dt><dfn class="lint-ignore">secretKeyJwk</dfn></dt>
<dd>
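Review bot: the new `kid` sentence ("the `kid` value SHOULD match, or be included in, the `id` property of the encapsulating `JsonWebKey` object, as part of the path, query, or fragment of the URL") is looser than the recommendation a few lines above that `kid` be used as the fragment identifier; pick one rule and cross-reference it so implementers are not left with two. Two smaller points in the same paragraph: `crv` is not specific to keys "using an elliptic curve" in the `EC` sense, the deleted text in the next hunk uses it for an Ed25519 key with `kty` "OKP", so "For `EC` and `OKP` key types, the `crv` property identifies the curve" would be more accurate; and since the stated rationale for `alg` is preventing the same key being used under several algorithms, it would help to say what a verifier does with it, e.g. reject a signature whose header `alg` differs from the key's `alg` rather than letting the presented header select the algorithm.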
@@ -861,14 +873,9 @@ <h3>JsonWebKey</h3>
In the example above, the `publicKeyJwk` value contains the JSON Web Key.
The `kty` property encodes the key type of "OKP", which means
"Octet string key pairs". The `alg` property identifies the algorithm intended
for use with the public key. Although optional, it is RECOMMENDED that `alg`
be included, to avoid security issues arising from using the same key with multiple
algorithms. The `crv` property identifies the particular curve type of the
public key. The `kid` property is a hint used to help discover the key; if present,
the `kid` value SHOULD match, or be included in, the `id` property of the
encapsulating `JsonWebKey` object, as part of the path, query, or fragment of the
URL. Finally, the `x` property specifies the point on the Ed25519 curve that is
associated with the public key.
for use with the public key, which in this case is `ES384`. The `crv` property identifies
the particular curve type of the public key, `P-384`. The `x` property specifies
the point on the P-384 curve that is associated with the public key.
</p>

<p>
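Review bot: the rewritten sentences now describe the key as `ES384` on `P-384`, but the unchanged context two lines above still says the `kty` property encodes "OKP" ("Octet string key pairs"); a P-384 key has `kty` "EC", so either the `kty` explanation must change with it or the `alg`/`crv` values should stay with the Ed25519/OKP example. Relatedly, an `EC` public key carries a `y` coordinate as well as `x`, so the final sentence about `x` should mention both, and the JSON the paragraph refers to ("In the example above") is not touched in this diff and should be checked to confirm it actually shows an `ES384`/`P-384` key.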