Proof-of-Possession Key Semantics for JSON Web Tokens
RFC 7800, “Proof-of-Possession Key Semantics for JSON Web Tokens”, is a Proposed Standard document published in April 2016 by M. Jones, J. Bradley, H. Tschofenig. The canonical text is published by the RFC Editor.
Abstract
This specification describes how to declare in a JSON Web Token (JWT) that the presenter of the JWT possesses a particular proof-of- possession key and how the recipient can cryptographically confirm proof of possession of the key by the presenter. Being able to prove possession of a key is also sometimes described as the presenter being a holder-of-key.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 7800 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 7799 Active and Passive Metrics and Methods
- RFC 7801 GOST R 34.12-2015: Block Cipher "Kuznyechik"
- RFC 7798 RTP Payload Format for High Efficiency Video Coding
- RFC 7802 A Pseudo-Random Function for the Kerberos V Generic Security Service Application Program Interface Mechanism
- RFC 7797 JSON Web Signature Unencoded Payload Option
- RFC 7803 Changing the Registration Policy for the NETCONF Capability URNs Registry
- RFC 7796 Ethernet-Tree Support in Virtual Private LAN Service
- RFC 7804 Salted Challenge Response HTTP Authentication Mechanism