JSON Web Token Best Current Practices
draft-sheffer-oauth-jwt-bcp-01
| Document | Type |
Replaced Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Authors | Yaron Sheffer , Dick Hardt , Michael B. Jones | ||
| Last updated | 2017-07-03 | ||
| Replaced by | draft-ietf-oauth-jwt-bcp | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Replaced by draft-ietf-oauth-jwt-bcp | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
JSON Web Tokens, also known as JWTs [RFC7519], are URL-safe JSON- based security tokens that contain a set of claims that can be signed and/or encrypted. JWTs are being widely used and deployed as a simple security token format in numerous protocols and applications, both in the area of digital identity, and in other application areas. The goal of this Best Current Practices document is to provide actionable guidance leading to secure implementation and deployment of JWTs.
Authors
Yaron Sheffer
Dick Hardt
Michael B. Jones
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)