Search RFCs
RFC 8225
PASSporT: Personal Assertion Token,February 2018
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC8225
Discuss this RFC: Send questions or comments to the mailing liststir@ietf.org
Other actions:View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 8225
Abstract
This document defines a method for creating and validating a tokenthat cryptographically verifies an originating identity or, moregenerally, a URI or telephone number representing the originator ofpersonal communications. The Personal Assertion Token, PASSporT, iscryptographically signed to protect the integrity of the identity ofthe originator and to verify the assertion of the identityinformation at the destination. The cryptographic signature isdefined with the intention that it can confidently verify theoriginating persona even when the signature is sent to thedestination party over an insecure channel. PASSporT is particularlyuseful for many personal-communications applications over IP networksand other multi-hop interconnection scenarios where the originatingand destination parties may not have a direct trusted relationship.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.