Skip to content

ietf-wg-jose/json-web-proof

Repository files navigation

JSON Web Proof

Specification work for JSON Web Proof

The JSON Web Proof effort aims to establish a new JSON based container as a new entry in the JOSE family of container formats.

While similar to JSON Web Signature1, JSON Web Proof aim to support newer algorithms and cryptographic techniques. These techniques establish the role of a prover, which has limited capabilities to derive new forms of from a signed message which can still be cryptographically verified.

Examples of capabilities an algorithm may support include:

  1. Selectively disclose a subset of information to the verifier
  2. Provide for multiple uses of a proof container without correlation due to cryptography
  3. Disclose an answer to a predicate without disclosing the values used for evaluation
  4. Proof of possession

Specifications in Progress

JSON Web Proof

A new container, similar to JWS1, which allows for more than one payload.

JSON Proof Algorithms

Required and optional capabilities for algorithms within JSON Web Proof.

This is loosely analogous to JWA2, with concrete algorithms defined as separate specifications.

JSON Proof Token

An application of JWP for representing claims about an entity, analogous to JWT3.

Contributing

See the guidelines for contributions.

Contributions can be made by creating pull requests. The GitHub interface supports creating pull requests using the Edit (✏) button.

Command Line Usage

Formatted text and HTML versions of the draft can be built using make.

$ make

Command line usage requires that you have the necessary software installed. See the instructions.

Footnotes

  1. JSON Web Signatures - RFC7515 2

  2. JSON Web Algorithms - RFC7518

  3. JSON Web Token - RFC7519