@techreport{tschofenig-jose-key-identifier-security-00, number = {draft-tschofenig-jose-key-identifier-security-00}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-tschofenig-jose-key-identifier-security/00/}, author = {Hannes Tschofenig and Les Hazlewood and Yaron Sheffer}, title = {{Security Aspects of Key Identifiers on COSE/JOSE}}, pagetotal = 6, year = 2024, month = jul, day = 23, abstract = {This document provides guidance for improving the security of JSON Object Signing and Encryption (JOSE) and CBOR Object Signing and Encryption (COSE) implementations. It emphasizes the importance of handling key identification within the header to simplify security processing and reduce risks. Recommendations are given to ensure better interoperability and security for protocol designers and implementers}, }