From 66d8ddee530921f97de7e70e5146eee35624be56 Mon Sep 17 00:00:00 2001 From: Paul Bastian Date: Wed, 10 Dec 2025 16:36:20 +0100 Subject: [PATCH] mandate unttaged CWT --- draft-ietf-oauth-status-list.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-oauth-status-list.md b/draft-ietf-oauth-status-list.md index 09da46b..0a1b39d 100644 --- a/draft-ietf-oauth-status-list.md +++ b/draft-ietf-oauth-status-list.md @@ -445,7 +445,7 @@ The following is a non-normative example of a Status List Token in JWT format: ## Status List Token in CWT Format {#status-list-token-cwt} -The Status List Token MUST be encoded as a "CBOR Web Token (CWT)" according to {{RFC8392}}. +The Status List Token MUST be encoded as a "CBOR Web Token (CWT)" according to {{RFC8392}}. The Status List Token MUST not be tagged with the tags defined in section 6 of {{RFC8392}} or in section 2 of {{RFC9052}}. The following content applies to the protected header of the CWT: