UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 8225

PASSporT: Personal Assertion Token

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 February 2018
Status: active
Page Count: 25
scope:

This document defines a method for creating and validating a token that cryptographically verifies an originating identity or, more generally, a URI or telephone number representing the originator of personal communications. The Personal Assertion Token, PASSporT, is cryptographically signed to protect the integrity of the identity of the originator and to verify the assertion of the identity information at the destination. The cryptographic signature is defined with the intention that it can confidently verify the originating persona even when the signature is sent to the destination party over an insecure channel. PASSporT is particularly useful for many personal-communications applications over IP networks and other multi-hop interconnection scenarios where the originating and destination parties may not have a direct trusted relationship.

Document History

IETF RFC 8225
February 1, 2018
PASSporT: Personal Assertion Token
This document defines a method for creating and validating a token that cryptographically verifies an originating identity or, more generally, a URI or telephone number representing the originator of...

References

This document references:
RFC 2046 - Multipurpose Internet Mail Extensions (MIME) Part Two: Media Types
Published by IETF on November 1, 1996
A description is not available for this item.
This document references:
IETF RFC 3629 - UTF-8, a transformation format of ISO 10646
Published by IETF on November 1, 2003
A description is not available for this item.
This document references:
IETF RFC 4566 - SDP: Session Description Protocol
Published by IETF on July 1, 2006
A description is not available for this item.
This document references:
RFC 3261 - SIP: Session Initiation Protocol
Published by IETF on June 1, 2002
A description is not available for this item.
This document is referenced by:
IETF RFC 8226 - Secure Telephone Identity Credentials: Certificates
Published by IETF on February 1, 2018
In order to prevent the impersonation of telephone numbers on the Internet, some kind of credential system needs to exist that cryptographically asserts authority over telephone numbers. This...
This document is referenced by:
ATIS 1000082 - Technical Report on SHAKEN APIs for a Centralized Signing and Signature Validation Server
Published by ATIS on May 1, 2018
Introduction This technical report defines a Representational State Transfer (REST)ful interface that can be used in the Signature based Handling of Asserted information using toKENs (SHAKEN)...
This document is referenced by:
IETF RFC 8417 - Security Event Token (SET)
Published by IETF on July 1, 2018
This specification defines the Security Event Token (SET) data structure. A SET describes statements of fact from the perspective of an issuer about a subject. These statements of fact represent an...
This document is referenced by:
IETF RFC 8443 - Personal Assertion Token (PASSporT) Extension for Resource Priority Authorization
Published by IETF on August 1, 2018
This document extends the Personal Assertion Token (PASSporT) specification defined in RFC 8225 to allow the inclusion of cryptographically signed assertions of authorization for the values populated...
View Less
View All
Advertisement