This specification defines how to express a declaration in a JSON Web
Token (JWT) that the presenter of the JWT possesses a particular key
and that the recipient can cryptographically confirm proof-of-
possession of the key by the presenter. This property is also
sometimes described as the presenter being a holder-of-key.
Working Group Summary
The document was developed by the working group based on the
requirements and architecture described in
There is strong consensus behind this work.
There is at least one implementation of this draft
confirmed on the OAuth mailing list.
Kepeng Li is the document shepherd and
Kathleen Moriarty is the responsible AD.
This specification establishes the IANA "JWT Confirmation Methods"
registry for JWT "cnf" member values with Specification Required [RFC5226]
and designated expert review on the firstname.lastname@example.org
CNF value is also added to the registry established in RFC7519