You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: draft-ietf-oauth-status-list.md
+11-7Lines changed: 11 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -24,13 +24,16 @@ author:
24
24
email: chris.bormann@gmx.de
25
25
26
26
normative:
27
-
RFC7519: RFC7519
28
-
RFC8392: RFC8392
29
-
RFC3986: RFC3986
30
27
RFC1950: RFC1950
31
28
RFC1951: RFC1951
32
-
RFC7515: RFC7515
29
+
RFC3986: RFC3986
33
30
RFC6125: RFC6125
31
+
RFC7515: RFC7515
32
+
RFC7519: RFC7519
33
+
RFC8152: RFC8152
34
+
RFC8259: RFC8259
35
+
RFC8392: RFC8392
36
+
RFC8949: RFC8949
34
37
RFC9110: RFC9110
35
38
RFC9111: RFC9111
36
39
IANA.JWT: IANA.JWT
@@ -118,7 +121,7 @@ Status List Token:
118
121
: A token in JWT or CWT representation that contains a cryptographically secured Status List.
119
122
120
123
Referenced Token:
121
-
: A token in JWT or CWT representation which contains a reference to a Status List or Status List Token. The information from the contained Status List may give a Relying Party additional information about up-to-date status of the Referenced Token.
124
+
: A cryptographically secured data structure which contains a reference to a Status List or Status List Token. It is RECOMMENDED to use JSON {{RFC8259}} or CBOR {{RFC8949}} for representation of the token and secure it using JSON Object Signing as defined in {{RFC7515}} or CBOR Object Signing and Encryption as defined in {{RFC8152}}. The information from the contained Status List may give a Relying Party additional information about up-to-date status of the Referenced Token.
122
125
123
126
# Status List {#status-list}
124
127
@@ -201,7 +204,7 @@ The following content applies to the JWT Header:
201
204
202
205
The following content applies to the JWT Claims Set:
203
206
204
-
* `iss`: REQUIRED. The `iss` (issuer) claim MUST specify a unique string identifier for the entity that issued the Status List Token. In the absence of an application profile specifying otherwise, compliant applications MUST compare issuer values using the Simple String Comparison method defined in Section 6.2.1 of {{RFC3986}}. The value MUST be equal to that of the `iss` claim contained within the Referenced Token.
207
+
* `iss`: REQUIRED when also present in the Referenced Token. The `iss` (issuer) claim MUST specify a unique string identifier for the entity that issued the Status List Token. In the absence of an application profile specifying otherwise, compliant applications MUST compare issuer values using the Simple String Comparison method defined in Section 6.2.1 of {{RFC3986}}. The value MUST be equal to that of the `iss` claim contained within the Referenced Token.
205
208
* `sub`: REQUIRED. The `sub` (subject) claim MUST specify a unique string identifier for that Status List Token. The value MUST be equal to that of the `uri` claim contained in the `status_list` claim of the Referenced Token.
206
209
* `iat`: REQUIRED. The `iat` (issued at) claim MUST specify the time at which the Status List Token was issued.
207
210
* `exp`: OPTIONAL. The `exp` (expiration time) claim MAY convey the time at which it is considered expired by its Issuer.
@@ -239,7 +242,7 @@ The Referenced Token MUST be encoded as a "JSON Web Token (JWT)" according to {{
239
242
240
243
The following content applies to the JWT Claims Set:
241
244
242
-
* `iss`: REQUIRED. The `iss` (issuer) claim MUST specify a unique string identifier for the entity that issued the Referenced Token. In the absence of an application profile specifying otherwise, compliant applications MUST compare issuer values using the Simple String Comparison method defined in Section 6.2.1 of {{RFC3986}}. The value MUST be equal to that of the `iss` claim contained within the referenced Status List Token.
245
+
* `iss`: REQUIRED when also present in the Status List Token. The `iss` (issuer) claim MUST specify a unique string identifier for the entity that issued the Referenced Token. In the absence of an application profile specifying otherwise, compliant applications MUST compare issuer values using the Simple String Comparison method defined in Section 6.2.1 of {{RFC3986}}. The value MUST be equal to that of the `iss` claim contained within the referenced Status List Token.
243
246
* `status`: REQUIRED. The `status` (status) claim MUST specify a JSON Object that contains at least one reference to a status mechanism.
244
247
* `status_list`: REQUIRED when the status list mechanism defined in this specification is used. It contains a reference to a Status List or Status List Token. The object contains exactly two claims:
245
248
* `idx`: REQUIRED. The `idx` (index) claim MUST specify an Integer that represents the index to check for status information in the Status List for the current Referenced Token. The value of `idx` MUST be a non-negative number, containing a value of zero or greater.
@@ -593,6 +596,7 @@ for their valuable contributions, discussions and feedback to this specification
593
596
594
597
-02
595
598
599
+
* relax requirements on referenced token
596
600
* clarify Deflate / zlib compression
597
601
* make a reference to the Issuer-Holder-Verifier model of SD-JWT VC
0 commit comments