Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)
draft-ietf-ace-cwt-proof-of-possession-11

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: rdd@cert.org, The IESG <iesg@ietf.org>, ace-chairs@ietf.org, kaduk@mit.edu, ace@ietf.org, draft-ietf-ace-cwt-proof-of-possession@ietf.org, rfc-editor@rfc-editor.org
Subject: Protocol Action: 'Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)' to Proposed Standard (draft-ietf-ace-cwt-proof-of-possession-11.txt)

The IESG has approved the following document:
- 'Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)'
  (draft-ietf-ace-cwt-proof-of-possession-11.txt) as Proposed Standard

This document is the product of the Authentication and Authorization for
Constrained Environments Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-ace-cwt-proof-of-possession/


Technical Summary

This document specifies describes how to declare in a CBOR Web Token (CWT)
that the presenter of the CWT possesses a particular proof-of-possession key.
It is a functional equivalent to the proof of possession key semantics in 
JSON Web Tokens (JWTs) (RFC 7800) but using CBOR/CWT instead of JSON/JWT.

Working Group Summary

The WG has reached consensus to publish this protocol specification as a
Proposed Standard so that it tracks the equivalent work with JWTs (RFC 7800).
It has been subjected to review from the community of interest and the details
have been testing through various CWT implementations.

Document Quality

This document went through the usual level of review for the WG.  WGLC
and AD evaluation revealed some issues to address with respect to clarity,
but no major flaws were found.

Personnel

Roman Danyliw is the document shepherd.
Benjamin Kaduk is the responsible AD.