Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs) (RFC 7800) describes how a JSON Web Token (JWT) can declare that the presenter of the JWT possesses a particular proof-of-Possession (PoP) key and that the recipient can cryptographically confirm proof-of-Possession of the key by the presenter. Proof-of-Possession of a key is also sometimes described as the presenter being a holder-of-key.

The OAuth 2.0 Proof-of-Possession (PoP) Security Architecture specification describes key confirmation, among other confirmation mechanisms.

The Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs) specification defines how to communicate key confirmation key information in JWTs.

The Proof Key for Code Exchange by OAuth Public Clients describes a Proof-of-Possession technique through the use of Proof Key for Code Exchange.

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-5) was last changed on 07-Apr-2016 13:13 by jim