Using CBOR Web Tokens (CWTs) in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)
draft-tschofenig-tls-cwt-01
| Document | Type | Expired Internet-Draft (individual) | |
|---|---|---|---|
| Authors | Hannes Tschofenig, Mathias Brossard | ||
| Last updated | 2020-05-07 (Latest revision 2019-11-04) | ||
| Stream | (None) | ||
| Formats | Expired & archived: plain text, xml, htmlized, pdfized, bibtex | ||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
https://www.ietf.org/archive/id/draft-tschofenig-tls-cwt-01.txt
Abstract
The TLS protocol supports different credentials, including pre-shared keys, raw public keys, and X.509 certificates. For use with public key cryptography, developers have to decide between raw public keys, which require out-of-band agreement, and full-fledged X.509 certificates. For devices where the reduction of code size is important, it is desirable to minimize the use of X.509-related libraries. With the CBOR Web Token (CWT), a structure has been defined that allows CBOR-encoded claims to be protected with CBOR Object Signing and Encryption (COSE). This document registers a new value to the "TLS Certificate Types" sub-registry to allow TLS and DTLS to use CWTs. Conceptually, CWTs can be seen as a certificate format (when used with public key cryptography) or a Kerberos ticket (when used with symmetric key cryptography).
Authors
Hannes Tschofenig
Mathias Brossard
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)