Internet-Draft draft-ietf-oauth-rfc8725bis-02.txt is now available. It is a
work item of the Web Authorization Protocol (OAUTH) WG of the IETF.
Title: JSON Web Token Best Current Practices
Authors: Yaron Sheffer
Dick Hardt
Michael B. Jones
Name: draft-ietf-oauth-rfc8725bis-02.txt
Pages: 21
Dates: 2025-11-07
Abstract:
JSON Web Tokens, also known as JWTs, are URL-safe JSON-based security
tokens that contain a set of claims that can be signed and/or
encrypted. JWTs are being widely used and deployed as a simple
security token format in numerous protocols and applications, both in
the area of digital identity and in other application areas. This
Best Current Practices (BCP) specification updates RFC 7519 to
provide actionable guidance leading to secure implementation and
deployment of JWTs.
This BCP specification furthermore replaces the existing JWT BCP
specification RFC 8725 to provide additional actionable guidance
covering threats and attacks that have been discovered since RFC 8725
was published.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-rfc8725bis/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-oauth-rfc8725bis-02.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-oauth-rfc8725bis-02
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]
