Technical Summary
This specification defines how to express a declaration in a JSON Web
Token (JWT) that the presenter of the JWT possesses a particular key
and that the recipient can cryptographically confirm proof-of-
possession of the key by the presenter. This property is also
sometimes described as the presenter being a holder-of-key.
Working Group Summary
The document was developed by the working group based on the
requirements and architecture described in
draft-ietf-oauth-pop-architecture.
There is strong consensus behind this work.
Document Quality
There is at least one implementation of this draft
confirmed on the OAuth mailing list.
Personnel
Kepeng Li is the document shepherd and
Kathleen Moriarty is the responsible AD.
IANA Note
This specification establishes the IANA "JWT Confirmation Methods"
registry for JWT "cnf" member values with Specification Required [RFC5226]
and designated expert review on the oauth-pop-reg-review@ietf.org
mailing list.
CNF value is also added to the registry established in RFC7519