Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs) is now RFC 7800

On April 6, 2016

In Cryptography, JSON, OAuth, Specifications

The Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs) specification is now RFC 7800 — an IETF standard. The abstract describes the specification as:

This specification describes how to declare in a JSON Web Token (JWT) that the presenter of the JWT possesses a particular proof-of-possession key and how the recipient can cryptographically confirm proof of possession of the key by the presenter. Being able to prove possession of a key is also sometimes described as the presenter being a holder-of-key.

Thanks to John Bradley, Hannes Tschofenig, and the OAuth working group for their work on this specification.

You must be logged in to post a comment.

Musings on Digital Identity

Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs) is now RFC 7800

Leave a Reply

Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs) is now RFC 7800

Using RSA Algorithms with COSE Messages

OpenID Connect Discussions at EIC 2016

Leave a Reply