draft-ietf-oauth-status-list.md
Lines changed: 12 additions & 3 deletions
@@ -36,6 +36,7 @@ normative:
36
36
informative:
37
37
RFC6749: RFC6749
38
38
RFC7662: RFC7662
39
+
RFC7800: RFC7800
39
40
40
41
--- abstract
41
42
@@ -81,7 +82,7 @@ Revocation mechanisms are an essential part for most identity ecosystems. In the
81
82
82
83
This specification seeks to find a balance between scalability, security, and privacy by minimizing the status information to mere bits (often a single bit) and compressing the resulting binary data. Thereby, a Status List may contain statuses of many thousands or millions Referenced Tokens while remaining as small as possible. Placing large amounts of Referenced Tokens into the same list also enables herd privacy relative to the Issuer.
83
84
84
-
There will likely be different mechanisms to convey token/credential status information in the foreseeable future depending on specific use-cases and their requirements. The way this information is transported in the token is defined with possible re-use or extension in mind.
85
+
This specification establishes the IANA "Status Mechanism Methods" registry for status mechanism in and registers the members defined by this specification. Other specifications can register other members used for confirmation, including other members for conveying proof-of-possession keys using different key representations.
85
86
86
87
## Design Considerations
87
88
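Review bot: The added sentence reads "registry for status mechanism in and registers", so the object of "in" is missing; it presumably should name the section that sets up the registry. The second added sentence speaks of members "used for confirmation" and of "proof-of-possession keys", which are not status concepts in this draft, so it should be reworded in terms of status mechanisms. The removed sentence was the only statement in this paragraph that the transport of status information is designed for re-use or extension; consider keeping that thought next to the registry text.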
@@ -226,6 +227,10 @@ TBD
226
227
227
228
# Referenced Token {#referenced-token}
228
229
230
+
## Status Claim {#status-claim}
231
+
232
+
By including a "status" claim in a JWT, the issuer of the JWT declares that the credential is referencing a mechanism to retrieve status information about this credential. The claim contains members used to reference to a status list as defined in this specification. Other members of the "status" object may be defined because status list means to check the status of a credential. This is analogous to "cnf" claim in Section 3.1 of {{RFC7800}} in which different authenticity confirmation methods can be included.
233
+
229
234
## Referenced Token in JWT Format {#referenced-token-jwt}
230
235
231
236
The Referenced Token MUST be encoded as a "JSON Web Token (JWT)" according to {{RFC7519}}.
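Review bot: In the new Status Claim section, the sentence "Other members of the "status" object may be defined because status list means to check the status of a credential" does not parse; reword it to say why other members are allowed, and make clear whether "may" is meant normatively. In the same paragraph, "used to reference to a status list" should be "used to reference a status list", and the text switches between "JWT" and "credential" while the surrounding headings use "Referenced Token"; a single term would remove any doubt about what the status applies to.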
@@ -428,14 +433,18 @@ IANA "JSON Web Token Claims" registry [@IANA.JWT] established by [@!RFC7519].
428
433
* Claim Name: `status`
429
434
* Claim Description: Reference to a status or validity mechanism containing up-to-date status information on the JWT.
430
435
* Change Controller: IETF
431
-
* Specification Document(s): [[ (#referenced-token-jwt) of this specification ]]
436
+
* Specification Document(s): [](#status-claim) of this specification
432
437
433
438
<br/>
434
439
435
440
* Claim Name: `status_list`
436
441
* Claim Description: A status list containing up-to-date status information on multiple other JWTs encoded as a bitarray.
437
442
* Change Controller: IETF
438
-
* Specification Document(s): [[ (#status-list-json) of this specification ]]
443
+
* Specification Document(s): [](#status-list-json) of this specification
This specification establishes the IANA "Status Mechanism Methods" registry for JWT "status" member values. The registry records the status mechanism method member and a reference to the specification that defines it.
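Review bot: The last added line establishes the "Status Mechanism Methods" registry, but the lines shown give no registration policy, no registration template and no initial entry, while the introduction text in this same change says the specification "registers the members defined by this specification". Add those, including an entry for the member that references a status list, so the registry matches what the introduction promises. Pointing the `status` registration at #status-claim is consistent with the new section.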