RFC 8747
Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs), March 2020
- File formats:
- Also available: XML file for editing
- Status:
- PROPOSED STANDARD
- Authors:
- M. Jones
L. Seitz
G. Selander
S. Erdtman
H. Tschofenig - Stream:
- IETF
- Source:
- ace (sec)
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC8747
Discuss this RFC: Send questions or comments to the mailing list ace@ietf.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 8747
Abstract
This specification describes how to declare in a CBOR Web Token (CWT) (which is defined by RFC 8392) that the presenter of the CWT possesses a particular proof-of-possession key. Being able to prove possession of a key is also sometimes described as being the holder-of-key. This specification provides equivalent functionality to "Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)" (RFC 7800) but using Concise Binary Object Representation (CBOR) and CWTs rather than JavaScript Object Notation (JSON) and JSON Web Tokens (JWTs).
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.