UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

IETF RFC 8392

CBOR Web Token (CWT)

active, Most Current
Buy Now
Organization: IETF
Publication Date: 1 May 2018
Status: active
Page Count: 25
scope:

CBOR Web Token (CWT) is a compact means of representing claims to be transferred between two parties. The claims in a CWT are encoded in the Concise Binary Object Representation (CBOR), and CBOR Object Signing and Encryption (COSE) is used for added application-layer security protection. A claim is a piece of information asserted about a subject and is represented as a name/value pair consisting of a claim name and a claim value. CWT is derived from JSON Web Token (JWT) but uses CBOR rather than JSON.

Document History

IETF RFC 8392
May 1, 2018
CBOR Web Token (CWT)
CBOR Web Token (CWT) is a compact means of representing claims to be transferred between two parties. The claims in a CWT are encoded in the Concise Binary Object Representation (CBOR), and CBOR...

References

This document references:
IETF RFC 7049 - Concise Binary Object Representation (CBOR)
Published by IETF on October 1, 2013
The Concise Binary Object Representation (CBOR) is a data format whose design goals include the possibility of extremely small code size, fairly small message size, and extensibility without the need...
This document references:
IETF RFC 7515 - JSON Web Signature (JWS)
Published by IETF on May 1, 2015
JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based data structures. Cryptographic algorithms and identifiers for use...
This document references:
IETF RFC 7516 - JSON Web Encryption (JWE)
Published by IETF on May 1, 2015
JSON Web Encryption (JWE) represents encrypted content using JSON-based data structures. Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON...
This document references:
IETF RFC 8152 - CBOR Object Signing and Encryption (COSE)
Published by IETF on July 1, 2017
Concise Binary Object Representation (CBOR) is a data format designed for small code size and small message size. There is a need for the ability to have basic security services defined for this data...
This document is referenced by:
TR 103 582 - EMTEL; Study of use cases and communications involving IoT devices in provision of emergency situations
Published by ETSI on July 1, 2019
The present document considers communications involving IoT devices in all types of emergency situations. This includes the use of IoT devices to enhance: • Emergency calling, e.g. between...
This document is referenced by:
ISO/IEC 30118-2 - Information technology — Open Connectivity Foundation (OCF) Specification — Part 2: Security specification
Published by ISO on October 1, 2021
This document defines security objectives, philosophy, Resources and mechanism that impacts OCF base layers of ISO/IEC 30118-1. ISO/IEC 30118-1 contains informative security content. The OCF Security...
This document is referenced by:
IETF RFC 8747 - Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs)
Published by IETF on March 1, 2020
Abstract This specification describes how to declare in a CBOR Web Token (CWT) (which is defined by RFC 8392) that the presenter of the CWT possesses a particular proof-of-possession key. Being able...
This document is referenced by:
BS ISO/IEC 30118-2 - Information technology — Open Connectivity Foundation (OCF) Specification Part 2: Security specification
Published by BSI on November 30, 2018
A description is not available for this item.
This document is referenced by:
GR SAI 006 - Securing ArtificiaI Intelligence (SAI); The role of hardware in security of AI
Published by ETSI on March 1, 2022
The present document identifies the role of hardware, both specialized and general-purpose, in the security of AI. It addresses the mitigations available in hardware to prevent attacks (as identified...
View Less
View All
Advertisement