The IESG has approved the following document: - 'JSON Web Algorithms (JWA)' (draft-ietf-jose-json-web-algorithms-40.txt) as Proposed Standard This document is the product of the Javascript Object Signing and Encryption Working Group. The IESG contact persons are Kathleen Moriarty and Stephen Farrell. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-jose-json-web-algorithms/ Technical Summary This document, the JSON Web Algorithms (JWA) specification, registers cryptographic algorithms and identifiers to be used with the JSON Web Signature (JWS), JSON Web Encryption (JWE), and JSON Web Key (JWK) specifications. It establishes several IANA registries for these identifiers. Working Group Summary The document has clear working group consensus for publication, and has been reviewed by several WG participants since its initial adoption as a working group item. The question of what cryptographic algorithms should be included was somewhat difficult as it is for any process trying to determine which algorithms should be included. The considerations included what is implemented, available, broadly used, and adequate from a security perspective. The issue of algorithms that are potentially less desirable but more broadly implemented was considered. The IETF last call revisited a couple of sticky points across the set of drafts for JOSE in review. For this draft, JWA, a few additional changes were made to improve terminology for the most part with working group agreement. Document Quality This document has been reviewed and revised many times. There are multiple implementations of this document. Some of these are listed at: https://openid.net/developers/libraries/ (see the JWT/JWS/JWE/JWK/JWA Implementations section). Contributors are acknowledged in the Acknowledgment section as well as in the detailed change log. Personnel Karen O'Donoghue is acting as the Document Shepherd. Kathleen Moriarty is the Responsible Area Director. If the document requires IANA experts(s), insert 'The registries use the 5226 'Specification Required' registration policy." RFC Editor Note This draft is part of a set of drafts that cross 2 working groups. I am working through the reviews (shepherd just confirmed them for the OAuth ones) and would like them processed as a set. The JOSE drafts will hopefully be ready shortly as well. The set includes (in order): 1 draft-ietf-jose-json-web-signature 2 draft-ietf-jose-json-web-encryption 3 draft-ietf-jose-json-web-key 4 draft-ietf-jose-json-web-algorithms 5 draft-ietf-oauth-json-web-token 6 draft-ietf-jose-cookbook 7 draft-ietf-oauth-assertions 8 draft-ietf-oauth-saml2-bearer 9 draft-ietf-oauth-jwt-bearer