[Ace] Protocol Action: 'Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)' to Proposed Standard (draft-ietf-ace-cwt-proof-of-possession-11.txt)

The IESG <iesg-secretary@ietf.org> Mon, 04 November 2019 16:21 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ace@ietf.org
Delivered-To: ace@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id B19EB120A62; Mon, 4 Nov 2019 08:21:28 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: "IETF-Announce" <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.108.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: rdd@cert.org, The IESG <iesg@ietf.org>, ace-chairs@ietf.org, kaduk@mit.edu, ace@ietf.org, draft-ietf-ace-cwt-proof-of-possession@ietf.org, rfc-editor@rfc-editor.org
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Message-ID: <157288448872.16630.4058400626255158313.idtracker@ietfa.amsl.com>
Date: Mon, 04 Nov 2019 08:21:28 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/fsRUwI5o2Dz2Z_dX_yD0iohwKHo>
Subject: [Ace] Protocol Action: 'Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)' to Proposed Standard (draft-ietf-ace-cwt-proof-of-possession-11.txt)
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 04 Nov 2019 16:21:29 -0000

The IESG has approved the following document:
- 'Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)'
  (draft-ietf-ace-cwt-proof-of-possession-11.txt) as Proposed Standard

This document is the product of the Authentication and Authorization for
Constrained Environments Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-cwt-proof-of-possession/




Technical Summary

This document specifies describes how to declare in a CBOR Web Token (CWT)
that the presenter of the CWT possesses a particular proof-of-possession key.
It is a functional equivalent to the proof of possession key semantics in 
JSON Web Tokens (JWTs) (RFC 7800) but using CBOR/CWT instead of JSON/JWT.

Working Group Summary

The WG has reached consensus to publish this protocol specification as a
Proposed Standard so that it tracks the equivalent work with JWTs (RFC 7800).
It has been subjected to review from the community of interest and the details
have been testing through various CWT implementations.

Document Quality

This document went through the usual level of review for the WG.  WGLC
and AD evaluation revealed some issues to address with respect to clarity,
but no major flaws were found.

Personnel

Roman Danyliw is the document shepherd.
Benjamin Kaduk is the responsible AD.