{
  "draft": "draft-ietf-stir-enhance-rfc8226-05",
  "doc_id": "RFC9118",
  "title": "Enhanced JSON Web Token (JWT) Claim Constraints for Secure Telephone Identity Revisited (STIR) Certificates",
  "authors": [
    "R. Housley"
  ],
  "format": [
    "XML",
    "TEXT",
    "HTML",
    "PDF"
  ],
  "page_count": "12",
  "pub_status": "PROPOSED STANDARD",
  "status": "PROPOSED STANDARD",
  "source": "Secure Telephone Identity Revisited",
  "abstract": "RFC 8226 specifies the use of certificates for Secure Telephone Identity Credentials; these certificates are often called \"Secure Telephone Identity Revisited (STIR) Certificates\".  RFC 8226 provides a certificate extension to constrain the JSON Web Token (JWT) claims that can be included in the Personal Assertion Token (PASSporT), as defined in RFC 8225.  If the PASSporT signer includes a JWT claim outside the constraint boundaries, then the PASSporT recipient will reject the entire PASSporT.  This document updates RFC 8226; it provides all of the capabilities available in the original certificate extension as well as an additional way to constrain the allowable JWT claims.  The enhanced extension can also provide a list of claims that are not allowed to be included in the PASSporT.",
  "pub_date": "August 2021",
  "keywords": [
    "X.509 Certificate Extension"
  ],
  "obsoletes": [],
  "obsoleted_by": [],
  "updates": [
    "RFC8226"
  ],
  "updated_by": [],
  "see_also": [],
  "doi": "10.17487/RFC9118",
  "errata_url": null
}