A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Web Authorization Protocol WG of the IETF.
Title : JSON Web Token Best Current Practices
Authors : Yaron Sheffer
Dick Hardt
Michael B. Jones
Filename : draft-ietf-oauth-jwt-bcp-01.txt
Pages : 12
Date : 2018-03-22
Abstract:
JSON Web Tokens, also known as JWTs [RFC7519], are URL-safe JSON-
based security tokens that contain a set of claims that can be signed
and/or encrypted. JWTs are being widely used and deployed as a
simple security token format in numerous protocols and applications,
both in the area of digital identity, and in other application areas.
The goal of this Best Current Practices document is to provide
actionable guidance leading to secure implementation and deployment
of JWTs.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-jwt-bcp/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-oauth-jwt-bcp-01
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-jwt-bcp-01
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-jwt-bcp-01
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
