oauth2.dev

q

IESG

Registry Context

The q parameter is the second prime factor in an RSA private key JWK.

Technical Summary

RSA private-key JWK member containing the second prime factor, represented as a Base64urlUInt-encoded value.

When Used

When representing an RSA private key as a JWK.

Normative Requirements

Producers of JWKs representing RSA private keys

MUST
1

  1. RFC 7518 - Section 6.3.2

    include q along with all other non-oth optimization parameters.

    Condition: if any RSA private-key optimization parameter is included

    If the producer includes any of the other private key parameters, then all of the others MUST be present.

SHOULD
1

  1. RFC 7518 - Section 6.3.2

    include q.

    Condition: when representing RSA private keys

    The others enable optimizations and SHOULD be included by producers of JWKs representing RSA private keys.

Validation Guidance

info

Verify that q is encoded as a Base64urlUInt value when present.

warning

For an RSA private-key JWK, warn if q is omitted.

error

If p, dp, dq, qi, or oth is present, verify that q is also present.

Reference

RFC7518 - Section 6.3.2.3

Details

Entry Id
q
Parameter Name
q
Parameter Description
Second Prime Factor
Used With Kty Value
RSA
Parameter Information Class
Private
Change Controller
IESG
Reference
RFC7518 - Section 6.3.2.3