RFC 7515 section 7.2.1 provides definitions for the encoding
and contents of the JWS members being used in this object. Below are some quick
summaries and additional details about these members and the specific features being
used.
payload
An encoded SecureElement object, which is the primary content
being signed. All information about the secure element is contained here.
JWS unprotected header. This object contains the unique ID member repeated from
the SecureElement object in the payload. The unprotected header is not
part of the signed data in the JWS; therefore, it does not need to be encoded
and is included to facilitate plain-text searches of the manifest without
needing to decode the payload.
signature
The encoded JWS signature of the payload and protected members.