[OAUTH-WG] Protocol Action: 'Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)' to Proposed Standard (draft-ietf-oauth-proof-of-possession-11.txt)
The IESG <iesg-secretary@ietf.org> Mon, 28 December 2015 14:40 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: oauth@ietf.org
Delivered-To: oauth@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id BB5F21A00E1; Mon, 28 Dec 2015 06:40:28 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
X-Test-IDTracker: no
X-IETF-IDTracker: 6.11.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <20151228144028.6639.51315.idtracker@ietfa.amsl.com>
Date: Mon, 28 Dec 2015 06:40:28 -0800
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/vkbJ_N453J7tzTWHvVekGlPEuSg>
Cc: draft-ietf-oauth-proof-of-possession@ietf.org, oauth-chairs@ietf.org, The IESG <iesg@ietf.org>, oauth@ietf.org, rfc-editor@rfc-editor.org
Subject: [OAUTH-WG] Protocol Action: 'Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)' to Proposed Standard (draft-ietf-oauth-proof-of-possession-11.txt)
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 28 Dec 2015 14:40:28 -0000
The IESG has approved the following document: - 'Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)' (draft-ietf-oauth-proof-of-possession-11.txt) as Proposed Standard This document is the product of the Web Authorization Protocol Working Group. The IESG contact persons are Stephen Farrell and Kathleen Moriarty. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-oauth-proof-of-possession/ Technical Summary This specification defines how to express a declaration in a JSON Web Token (JWT) that the presenter of the JWT possesses a particular key and that the recipient can cryptographically confirm proof-of- possession of the key by the presenter. This property is also sometimes described as the presenter being a holder-of-key. Working Group Summary The document was developed by the working group based on the requirements and architecture described in draft-ietf-oauth-pop-architecture. There is strong consensus behind this work. Document Quality There is at least one implementation of this draft confirmed on the OAuth mailing list. Personnel Kepeng Li is the document shepherd and Kathleen Moriarty is the responsible AD. IANA Note This specification establishes the IANA "JWT Confirmation Methods" registry for JWT "cnf" member values with Specification Required [RFC5226] and designated expert review on the oauth-pop-reg-review@ietf.org mailing list. CNF value is also added to the registry established in RFC7519