File formats:

Also available: XML file for editing

 

Status:

PROPOSED STANDARD

Authors:

T. Looker
M.B. Jones

Stream:

IETF

Source:

cose (sec)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC9597

Discuss this RFC: Send questions or comments to the mailing list cose@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 9597

Abstract

This document describes how to include CBOR Web Token (CWT) claims in the header parameters of any CBOR Object Signing and Encryption (COSE) structure. This functionality helps to facilitate applications that wish to make use of CWT claims in encrypted COSE structures and/or COSE structures featuring detached signatures, while having some of those claims be available before decryption and/or without inspecting the detached payload. Another use case is using CWT claims with payloads that are not CWT Claims Sets, including payloads that are not CBOR at all.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.