CBOR Web Token (CWT) draft addressing IETF last call comments

The CBOR Web Token (CWT) specification has been updated to address IETF last call comments received to date, including GenArt, SecDir, Area Director, and additional shepherd comments. Changes were:

Clarified the registration criteria applied to different ranges of Claim Key values, as suggested by Kathleen Moriarty and Dan Romascanu.
No longer describe the syntax of CWT claims as being the same as that of the corresponding JWT claims, as suggested by Kyle Rose.
Added guidance about the selection of the Designated Experts, as suggested by Benjamin Kaduk.
Acknowledged additional reviewers.

The specification is available at:

https://tools.ietf.org/html/draft-ietf-ace-cbor-web-token-13

An HTML-formatted version is also available at:

https://self-issued.info/docs/draft-ietf-ace-cbor-web-token-13.html

Musings on Digital Identity

CBOR Web Token (CWT) draft addressing IETF last call comments

Leave a Reply

CBOR Web Token (CWT) draft addressing IETF last call comments

OAuth Authorization Server Metadata spec addressing additional IESG feedback

W3C Web Authentication (WebAuthn) specification almost a Candidate Recommendation (CR)

Leave a Reply