CBOR Web Token
RFC 8392, “CBOR Web Token”, is a Proposed Standard document published in May 2018 by M. Jones, E. Wahlstroem, S. Erdtman, H. Tschofenig. The canonical text is published by the RFC Editor.
Abstract
CBOR Web Token (CWT) is a compact means of representing claims to be transferred between two parties. The claims in a CWT are encoded in the Concise Binary Object Representation (CBOR), and CBOR Object Signing and Encryption (COSE) is used for added application-layer security protection. A claim is a piece of information asserted about a subject and is represented as a name/value pair consisting of a claim name and a claim value. CWT is derived from JSON Web Token (JWT) but uses CBOR rather than JSON.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8392 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 8391 XMSS: eXtended Merkle Signature Scheme
- RFC 8393 Operating the Network Service Header with Next Protocol "None"
- RFC 8390 RSVP-TE Path Diversity Using Exclude Route
- RFC 8394 Split Network Virtualization Edge Control-Plane Requirements
- RFC 8389 Definitions of Managed Objects for Mapping of Address and Port with Encapsulation
- RFC 8395 Extensions to BGP-Signaled Pseudowires to Support Flow-Aware Transport Labels
- RFC 8388 Usage and Applicability of BGP MPLS-Based Ethernet VPN
- RFC 8396 Managing, Ordering, Distributing, Exposing, and Registering Telephone Numbers : Problem Statement, Use Cases, and Framework