The Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs) specification is now RFC 7800<http://www.rfc-editor.org/info/rfc7800> - an IETF standard. The abstract describes the specification as:
This specification describes how to declare in a JSON Web Token (JWT) that the presenter of the JWT possesses a particular proof-of-possession key and how the recipient can cryptographically confirm proof of possession of the key by the presenter. Being able to prove possession of a key is also sometimes described as the presenter being a holder-of-key. Thanks to John Bradley<http://www.thread-safe.com/>, Hannes Tschofenig<https://twitter.com/shingou>, and the OAuth working group for their work on this specification. -- Mike P.S. This notice was also posted at http://self-issued.info/?p=1561 and as @selfissued<https://twitter.com/selfissued>.
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
