[OAUTH-WG] I-D Action: draft-ietf-oauth-jwt-bcp-01.txt

internet-drafts@ietf.org Fri, 23 March 2018 00:41 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: oauth@ietf.org
Delivered-To: oauth@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 07A27127137; Thu, 22 Mar 2018 17:41:10 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Cc: oauth@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.76.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <152176566997.17675.7172691504392852817@ietfa.amsl.com>
Date: Thu, 22 Mar 2018 17:41:10 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/-_I96fNe7JzIHRJO0vrI9U8zrV8>
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-jwt-bcp-01.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 23 Mar 2018 00:41:10 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol WG of the IETF.

        Title           : JSON Web Token Best Current Practices
        Authors         : Yaron Sheffer
                          Dick Hardt
                          Michael B. Jones
	Filename        : draft-ietf-oauth-jwt-bcp-01.txt
	Pages           : 12
	Date            : 2018-03-22

   JSON Web Tokens, also known as JWTs [RFC7519], are URL-safe JSON-
   based security tokens that contain a set of claims that can be signed
   and/or encrypted.  JWTs are being widely used and deployed as a
   simple security token format in numerous protocols and applications,
   both in the area of digital identity, and in other application areas.
   The goal of this Best Current Practices document is to provide
   actionable guidance leading to secure implementation and deployment
   of JWTs.

The IETF datatracker status page for this draft is:

There are also htmlized versions available at:

A diff from the previous version is available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at: