Tobias Looker and I have published an updated CBOR Web Token (CWT) Claims in COSE Headers draft that addresses the COSE Working Group Last Call (WGLC) comments received. Changes made were:
- Added Acknowledgements section.
- Addressed WGLC feedback. Specifically…
- Added statement about being able to use the header parameter in any COSE object.
- Moved statement about verifying that claim values present in both the header and payload are identical from the Security Considerations to the body of the specification.
The specification is available at: