Initial Working Group Draft of Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)

IETF logoThe initial working group draft of the Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) specification has been posted. It contains the same normative content as draft-jones-ace-cwt-proof-of-possession-01. The abstract of the specification is:

This specification describes how to declare in a CBOR Web Token (CWT) that the presenter of the CWT possesses a particular proof-of-possession key. Being able to prove possession of a key is also sometimes described as the presenter being a holder-of-key. This specification provides equivalent functionality to “Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)” (RFC 7800), but using CBOR and CWTs rather than JSON and JWTs.

I look forward to working with my co-authors and the working group to hopefully complete this quickly!

The specification is available at:

An HTML-formatted version is also available at:

“Using RSA Algorithms with CBOR Object Signing and Encryption (COSE) Messages” is now RFC 8230

IETF logoThe “Using RSA Algorithms with CBOR Object Signing and Encryption (COSE) Messages” specification is now RFC 8230 – an IETF standard. The abstract for the specification is:

The CBOR Object Signing and Encryption (COSE) specification defines cryptographic message encodings using Concise Binary Object Representation (CBOR). This specification defines algorithm encodings and representations enabling RSA algorithms to be used for COSE messages. Encodings are specified for the use of RSA Probabilistic Signature Scheme (RSASSA-PSS) signatures, RSA Encryption Scheme – Optimal Asymmetric Encryption Padding (RSAES-OAEP) encryption, and RSA keys.

Some of these values are already being used by the sixth working draft of the W3C Web Authentication specification. In addition, the WebAuthn specification defines algorithm values for RSASSA-PKCS1-v1_5 signatures, which are used by TPMs, among other applications. The RSASSA-PKCS1-v1_5 signature algorithm values should also be registered shortly.

Thanks to Kathleen Moriarty for her Area Director sponsorship of the specification!

OAuth Authorization Server Metadata spec incorporating Area Director feedback

OAuth logoThe OAuth Authorization Server Metadata specification has been updated to incorporate feedback from Security Area Director Eric Rescorla. Thanks to EKR for his useful review. A number of defaults and restrictions are now better specified.

The specification is available at:

An HTML-formatted version is also available at:

CBOR Web Token (CWT) specification addressing all known issues

IETF logoA new CBOR Web Token (CWT) draft has been published that updates the diagnostic notation for embedded objects in the examples. Thanks to Samuel Erdtman for making these updates. Thanks to Carsten Bormann for reviewing the examples!

This addresses all known issues with the specification. I believe that it is now time to request publication.

The specification is available at:

An HTML-formatted version is also available at:

Initial working group draft of JSON Web Token Best Current Practices

OAuth logoI’m happy to announce that the OAuth working group adopted the JSON Web Token Best Current Practices (JWT BCP) draft that Yaron Sheffer, Dick Hardt, and I had worked on, following discussions at IETF 99 in Prague and on the working group mailing list. The specification is available at: An HTML-formatted version is also available at:

JSON Web Token Best Current Practices draft describing Explicit Typing

OAuth logoThe JWT BCP draft has been updated to describe the use of explicit typing of JWTs as one of the ways to prevent confusion among different kinds of JWTs. This is accomplished by including an explicit type for the JWT in the “typ” header parameter. For instance, the Security Event Token (SET) specification now uses the “application/secevent+jwt” content type to explicitly type SETs. The specification is available at: An HTML-formatted version is also available at:

Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) spec addressing review comments

IETF logoThe Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) specification has been updated to address comments received since its initial publication. Changes were:
  • Tracked CBOR Web Token (CWT) Claims Registry updates.
  • Addressed review comments by Michael Richardson and Jim Schaad.
  • Added co-authors Ludwig Seitz, Göran Selander, Erik Wahlström, Samuel Erdtman, and Hannes Tschofenig.
Thanks for the feedback received to date! The specification is available at: An HTML-formatted version is also available at:

Security Event Token (SET) specification preventing token confusion

IETF logoA new version of the Security Event Token (SET) specification has been published containing measures that prevent any possibility of confusion between ID Tokens and SETs. Preventing confusion between SETs, access tokens, and other kinds of JWTs is also covered. Changes were:
  • Added the Requirements for SET Profiles section.
  • Expanded the Security Considerations section to describe how to prevent confusion of SETs with ID Tokens, access tokens, and other kinds of JWTs.
  • Registered the application/secevent+jwt media type and defined how to use it for explicit typing of SETs.
  • Clarified the misleading statement that used to say that a SET conveys a single security event.
  • Added a note explicitly acknowledging that some SET profiles may choose to convey event subject information in the event payload.
  • Corrected an encoded claims set example.
  • Applied grammar corrections.
This draft is intended to provide solutions to the issues that had been discussed in IETF 98 Continue reading "Security Event Token (SET) specification preventing token confusion"

Authentication Method Reference Values is now RFC 8176

IETF logoThe Authentication Method Reference Values specification is now RFC 8176. The abstract describes the specification as:
The amr (Authentication Methods References) claim is defined and registered in the IANA “JSON Web Token Claims” registry, but no standard Authentication Method Reference values are currently defined. This specification establishes a registry for Authentication Method Reference values and defines an initial set of Authentication Method Reference values.
The specification defines and registers some Authentication Method Reference values such as the following, which are already in use by some Google and Microsoft products and OpenID specifications:
  • face” – Facial recognition
  • fpt” – Fingerprint
  • hwk” – Proof-of-possession of a hardware-secured key
  • otp” – One-time password
  • pin” – Personal Identification Number
  • pwd” – Password
  • swk” – Proof-of-possession of a software-secured key
  • sms” – Confirmation using SMS
  • user” – Continue reading "Authentication Method Reference Values is now RFC 8176"

“Using RSA Algorithms with COSE Messages” specification addressing IETF last call feedback

IETF logoA new version of the “Using RSA Algorithms with COSE Messages” specification has been published that addresses the IETF last call feedback received. Additional security considerations were added and the IANA Considerations instructions were made more precise. Thanks to Roni Even and Steve Kent for their useful reviews! The specification is available at: An HTML-formatted version is also available at:

CBOR Web Token (CWT) specification addressing WGLC feedback

IETF logoA new CBOR Web Token (CWT) draft has been published that addresses the Working Group Last Call (WGLC) feedback received. Changes were:
  • Say that CWT is derived from JWT, rather than CWT is a profile of JWT.
  • Used CBOR type names in descriptions, rather than major/minor type numbers.
  • Clarified the NumericDate and StringOrURI descriptions.
  • Changed to allow CWT claim names to use values of any legal CBOR map key type.
  • Changed to use the CWT tag to identify nested CWTs instead of the CWT content type.
  • Added an example using a floating-point date value.
  • Acknowledged reviewers.
Thanks to Samuel Erdtman for doing the majority of the editing for this draft. As always, people are highly encouraged to validate the examples. The specification is available at: An HTML-formatted version is also available at:

Clarified Security Considerations in Using RSA Algorithms with COSE Messages

IETF logoA slightly updated version of the “Using RSA Algorithms with COSE Messages” specification has been published in preparation for IETF last call. Changes were:
  • Clarified the Security Considerations in ways suggested by Kathleen Moriarty.
  • Acknowledged reviewers.
The specification is available at: An HTML-formatted version is also available at:

Fifth working draft of W3C Web Authentication Specification

W3C logoThe W3C Web Authentication working group has published the fifth working draft of the W3C Web Authentication specification. It has a new title that’s more reflective of what it enables: “Web Authentication: An API for accessing Public Key Credentials”. Among other changes, the draft is now aligned with the W3C Credential Management API. Numerous issues were resolved and many improvements in the process of creating this release. While not a candidate recommendation, this version is informally intended by the working group to be an Implementer’s Draft, which will be used for experimenting with implementations of the API.

Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)

IETF logoWith the CBOR Web Token (CWT) specification nearing completion, which provides the CBOR equivalent of JWTs, I thought that it was also time to introduce the CBOR equivalent of RFC 7800, “Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)”, so that applications using CWTs will have a standard representation for proof-of-possession keys. I know that PoP keys are important to ACE applications, for instance. I therefore took RFC 7800 and produced the CBOR/CWT equivalent of it. The specification is available at: An HTML-formatted version is also available at:

CBOR Web Token (CWT) specification correcting inconsistencies in examples

IETF logoA revised CBOR Web Token (CWT) draft has been published that corrects inconsistencies in the examples. Thanks to Jim Schaad for validating the examples and pointing out the inconsistencies and to Samuel Erdtman for fixing them. As before, people are highly encouraged to validate the updated examples. The specification is available at: An HTML-formatted version is also available at:

OpenID Connect Logout Implementer’s Drafts Approved

As announced by the OpenID Foundation, the OpenID membership has approved Implementer’s Drafts of the three OpenID Connect logout specifications. That means that developers and deployers can now count on the intellectual property protections that come with being Implementer’s Drafts. These are the first Implementer’s Drafts of these specifications:
  • Front-Channel Logout – Defines a front-channel logout mechanism that does not use an OP iframe on RP pages
  • Back-Channel Logout – Defines a logout mechanism that uses back-channel communication between the OP and RPs being logged out
Whereas, this is the fourth Implementer’s Draft of this specification:
  • Session Management – Defines how to manage OpenID Connect sessions, including postMessage-based logout functionality
Each of these protocols communicate logout requests from OpenID Providers to Relying Parties, but using different mechanisms that are appropriate for different use cases. See the Introduction sections of each of the specifications for descriptions of the mechanisms used and Continue reading "OpenID Connect Logout Implementer’s Drafts Approved"

AMR Values specification addressing Stephen Farrell’s comments

OAuth logoSecurity area director Stephen Farrell had asked us to make it as clear as possible to people who might be registering new “amr” values that names can identify families of closely-related authentication methods. This is now said right in the IANA Registration Template, so that people who might not have read the spec can’t miss it.

FYI, all the previous IESG DISCUSSes have now been cleared, so hopefully that means this is the last version to be published before the Authentication Method Reference Values specification becomes an RFC.

Thanks again to Stephen for his always-thorough reviews of the specification.

The specification is available at:

An HTML-formatted version is also available at:

OAuth Token Binding spec adding numerous examples and authorization code token binding

OAuth logoDraft -02 of the OAuth Token Binding specification adds example protocol messages for every distinct flow and also adds token binding for authorization codes. A lot of this is informed by implementation work that Brian Campbell has been doing, who did most of the heavy lifting for this draft. Working group members are requested to give the new text a read before IETF 98 in Chicago and to have a look at the updated open issues list. The descriptions of some of the flows were also clarified, thanks to William Denniss.

The specification is available at:

An HTML-formatted version is also available at: