Initial Working Group Draft of Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)

The initial working group draft of the Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) specification has been posted. It contains the same normative content as draft-jones-ace-cwt-proof-of-possession-01. The abstract of the specification is:

This specification describes how to declare in a CBOR Web Token (CWT) that the presenter of the CWT possesses a particular proof-of-possession key. Being able to prove possession of a key is also sometimes described as the presenter being a holder-of-key. This specification provides equivalent functionality to “Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)” (RFC 7800), but using CBOR and CWTs rather than JSON and JWTs.

I look forward to working with my co-authors and the working group to hopefully complete this quickly!

The specification is available at:

https://tools.ietf.org/html/draft-ietf-ace-cwt-proof-of-possession-00

An HTML-formatted version is also available at:

https://self-issued.info/docs/draft-ietf-ace-cwt-proof-of-possession-00.html

Musings on Digital Identity

Initial Working Group Draft of Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)

Leave a Reply

Initial Working Group Draft of Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)

“Using RSA Algorithms with CBOR Object Signing and Encryption (COSE) Messages” is now RFC 8230

OpenID Presentations at October 16, 2017 OpenID Workshop and IIW

Leave a Reply