UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF - RFC 9118

Enhanced JSON Web Token (JWT) Claim Constraints for Secure Telephone Identity Revisited (STIR) Certificates

active, Most Current
Organization: IETF
Publication Date: 1 August 2021
Status: active
Page Count: 12
scope:

Abstract

RFC 8226 specifies the use of certificates for Secure Telephone Identity Credentials; these certificates are often called "Secure Telephone Identity Revisited (STIR) Certificates". RFC 8226 provides a certificate extension to constrain the JSON Web Token (JWT) claims that can be included in the Personal Assertion Token (PASSporT), as defined in RFC 8225. If the PASSporT signer includes a JWT claim outside the constraint boundaries, then the PASSporT recipient will reject the entire PASSporT. This document updates RFC 8226; it provides all of the capabilities available in the original certificate extension as well as an additional way to constrain the allowable JWT claims. The enhanced extension can also provide a list of claims that are not allowed to be included in the PASSporT.

Document History

RFC 9118
August 1, 2021
Enhanced JSON Web Token (JWT) Claim Constraints for Secure Telephone Identity Revisited (STIR) Certificates
Abstract RFC 8226 specifies the use of certificates for Secure Telephone Identity Credentials; these certificates are often called "Secure Telephone Identity Revisited (STIR) Certificates". RFC 8226...

References

This document references:
IETF RFC 7468 - Textual Encodings of PKIX, PKCS, and CMS Structures
Published by IETF on April 1, 2015
This document describes and discusses the textual encodings of the Public-Key Infrastructure X.509 (PKIX), Public-Key Cryptography Standards (PKCS), and Cryptographic Message Syntax (CMS). The...
This document references:
IETF RFC 8225 - PASSporT: Personal Assertion Token
Published by IETF on February 1, 2018
This document defines a method for creating and validating a token that cryptographically verifies an originating identity or, more generally, a URI or telephone number representing the originator of...
This document references:
ISO/IEC 646 - Information Technology - ISO 7-Bit Coded Character Set for Information Interchange
Published by ISO on December 15, 1991
This International Standard specifies a set of 128 characters, (control characters and graphic characters such as letters, digits and symbols) with their coded representation. Most of these...
This document references:
ITU-T X.680 - Information technology – Abstract Syntax Notation One (ASN.1): Specification of basic notation
Published by ITU-T on August 1, 2015
This Recommendation | International Standard provides a standard notation called Abstract Syntax Notation One (ASN.1) that is used for the definition of data types, values, and constraints on data...
This document supersedes:
IETF RFC 8226 - Secure Telephone Identity Credentials: Certificates
Published by IETF on February 1, 2018
In order to prevent the impersonation of telephone numbers on the Internet, some kind of credential system needs to exist that cryptographically asserts authority over telephone numbers. This...
This document supersedes:
IETF RFC 8226 - Secure Telephone Identity Credentials: Certificates
Published by IETF on February 1, 2018
In order to prevent the impersonation of telephone numbers on the Internet, some kind of credential system needs to exist that cryptographically asserts authority over telephone numbers. This...
View Less
View All
Advertisement