Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)
draft-jones-ace-cwt-proof-of-possession-01

Document Type Replaced Internet-Draft (individual)
Last updated 2017-06-30
Replaced by draft-ietf-ace-cwt-proof-of-possession
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-ace-cwt-proof-of-possession
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-jones-ace-cwt-proof-of-possession-01.txt

Abstract

This specification describes how to declare in a CBOR Web Token (CWT) that the presenter of the CWT possesses a particular proof-of- possession key. Being able to prove possession of a key is also sometimes described as the presenter being a holder-of-key. This specification provides equivalent functionality to "Proof-of- Possession Key Semantics for JSON Web Tokens (JWTs)" (RFC 7800), but using CBOR and CWTs rather than JSON and JWTs.

Authors

Michael Jones (mbj@microsoft.com)
Ludwig Seitz (ludwig@ri.se)
Göran Selander (goran.selander@ericsson.com)
Erik Wahlstroem (erik@wahlstromstekniska.se)
Samuel Erdtman (erdtman@spotify.com)
Hannes Tschofenig (hannes.tschofenig@arm.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)