…e 3] RFC 8392 CBOR Web Token May 2018 . Introduction The JSON Web Token (JWT) [ RFC7519 ] is a standardized security token format that has found use in OAuth 2.0 and OpenID Connect deployments, among other applications. JWT uses JSON Web Signature (JWS) [ RFC7515 ] and JSON Web E…

…tial as the plaintext payload of a JWE, per the description of Nested JWTs in [ RFC7519 ]. Example : A simple example of a verifiable credential secured with JOSE Credential jose "@context": [ "https://www.w3.org/ns/credentials/v2", "https://www.w3.org/ns/credentials/examples/v2"…

…ired Expert(s) Brian Campbell, Mike Jones, Nat Sakimura, Filip Skokan Reference RFC7519 Note Registration requests should be sent to the mailing list described in RFC7519 ]. If approved, designated experts should notify IANA within three weeks. For assistance, please contact iana…

…uth 2.0 [ RFC6749 ] and uses the term "Claim" defined by JSON Web Token (JWT) [ RFC7519 ]. This specification defines the following terms: Client Software Software implementing an OAuth 2.0 client. Client Instance A deployed instance of a piece of client software. Client Develope…

…uth 2.0 [ RFC6749 ] and uses the term "Claim" defined by JSON Web Token (JWT) [ RFC7519 ]. This specification defines the following terms: Client Software Software implementing an OAuth 2.0 client. Client Instance A deployed instance of a piece of client software. Client Develope…

…ation metadata was issued. Data Type: Integer Syntax: NumericDate as defined in RFC7519 ], Section 4.1.6 Example: 1755514949 exp ( REQUIRED Identifies the expiration time on or after which the federation metadata is no longer valid. Once the exp time has passed, the metadata MUST…

… metadata was issued. - Data Type: Integer - Syntax: NumericDate as defined in [RFC7519], Section 4.1.6. - Example: 1755514949 * exp (REQUIRED) Identifies the expiration time on or after which the federation metadata is no longer valid. Once the exp time has passed, the metadata …

…de by an Entity. The terms Claim, Claim Name and Claim Value are as defined in [RFC7519]. * Claim Type: The intended use of a claim in the context of the message flows (e.g., asset lock claim). * Gateway Claim: An assertion made by a Gateway regarding the status or condition of r…

… Format This proof format relies on the well established JWT (JSON Web Token) [ RFC7519 ] and JWS (JSON Web Signature) [ RFC7515 ] specifications. A JSON Web Token Proof is a JWT signed and encoded as a Compact JWS string. The proof format is described in detail in [ VC-JOSE-COSE…

…acker. SQLite_mailing_list Clemens_Ladisch 2018-02-12 JSON Web Token (JWT) +jwt RFC7519, Section 3 ][ RFC8417, Section 7.2 binary; JWT values are encoded as a series of base64url-encoded values (with trailing '=' characters removed), some of which may be the empty string, separat…

…acker. SQLite_mailing_list Clemens_Ladisch 2018-02-12 JSON Web Token (JWT) +jwt RFC7519, Section 3 ][ RFC8417, Section 7.2 binary; JWT values are encoded as a series of base64url-encoded values (with trailing '=' characters removed), some of which may be the empty string, separat…

…g delivery of a push message, the application includes a JSON Web Token (JWT) [ RFC7519 ], signed using its signing key. The token includes a number of claims as follows: o An "aud" (Audience) claim in the token MUST include the Unicode serialization of the origin ( Section 6.1 o…

…how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7519. Copyright Notice Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provision…

…yptographic envelope instead of embedding the proof in the data, such as JWTs [ RFC7519 ] and CWTs [ RFC8392 ]. These approaches have simplicity advantages in some use cases, at the expense of some of the benefits provided by the approach detailed in this specification. 5.13 Cano…

…ing value, resolving to a JSON object that leverages some JSON Web Token (JWT) [RFC7519] claims and elements. Token data association: The on-the-wire token is opaque; it is introspected at run time by the resource server through profiled use of the OAuth token introspection endpo…