JWT BCP updates addressing Area Director review comments

On November 8, 2018

In Claims, Cryptography, IETF, JSON, OAuth, Specifications

OAuth logo The JSON Web Token (JWT) Best Current Practices (BCP) specification has been updated to address the review comments from Security Area Director (AD) Eric Rescorla. Thanks to Eric for the review and to Yaron Sheffer for working on the responses with me.

Note that IETF publication has already been requested. The next step is for the shepherd review to be submitted and responded to.

The specification is available at:

https://tools.ietf.org/html/draft-ietf-oauth-jwt-bcp-04

An HTML-formatted version is also available at:

https://self-issued.info/docs/draft-ietf-oauth-jwt-bcp-04.html

You must be logged in to post a comment.

Musings on Digital Identity

JWT BCP updates addressing Area Director review comments

Leave a Reply

JWT BCP updates addressing Area Director review comments

Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) spec addressing additional WGLC comments

Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) spec adding Key ID considerations

Leave a Reply