Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs), April 2016
- File formats:
- PROPOSED STANDARD
- M. Jones
- oauth (sec)
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
This specification describes how to declare in a JSON Web Token (JWT) that the presenter of the JWT possesses a particular proof-of- possession key and how the recipient can cryptographically confirm proof of possession of the key by the presenter. Being able to prove possession of a key is also sometimes described as the presenter being a holder-of-key.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 4844.