[OAUTH-WG] I-D Action: draft-ietf-oauth-jwt-bcp-00.txt

internet-drafts@ietf.org Thu, 27 July 2017 20:27 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: oauth@ietf.org
Delivered-To: oauth@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 0DE88132198; Thu, 27 Jul 2017 13:27:35 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: <i-d-announce@ietf.org>
Cc: oauth@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 6.57.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <150118725501.11482.12009248355500993067@ietfa.amsl.com>
Date: Thu, 27 Jul 2017 13:27:35 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/ILWthvbQwopWOLYWeZrGtFKZhGo>
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-jwt-bcp-00.txt
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.22
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 27 Jul 2017 20:27:35 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol WG of the IETF.

        Title           : JSON Web Token Best Current Practices
        Authors         : Yaron Sheffer
                          Dick Hardt
                          Michael B. Jones
	Filename        : draft-ietf-oauth-jwt-bcp-00.txt
	Pages           : 11
	Date            : 2017-07-19

   JSON Web Tokens, also known as JWTs [RFC7519], are URL-safe JSON-
   based security tokens that contain a set of claims that can be signed
   and/or encrypted.  JWTs are being widely used and deployed as a
   simple security token format in numerous protocols and applications,
   both in the area of digital identity, and in other application areas.
   The goal of this Best Current Practices document is to provide
   actionable guidance leading to secure implementation and deployment
   of JWTs.

The IETF datatracker status page for this draft is:

There are also htmlized versions available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at: