Proof-of-Possession Key Semantics for JWTs draft -04 addresses the remaining working group comments received — both a few leftover WGLC comments and comments received during IETF 93 in Prague. The changes were:
- Allowed the use of “
jwk” for symmetric keys when the JWT is encrypted.
- Added the “
jku” (JWK Set URL) member.
- Added privacy considerations.
- Reordered sections so that the “
cnf” (confirmation) claim is defined before it is used.
- Noted that applications can define new claim names, in addition to “
cnf“, to represent additional proof-of-possession keys, using the same representation as “
- Applied wording clarifications suggested by Nat Sakimura.
The updated specification is available at:
An HTML formatted version is also available at: