jiron is a library for working with encapsulated tokens. Encapsulated tokens can be used to encrypt and sign arbitrary messages, pass them around in untrusted environments (e.g. the Web), receive them back and still be sure that noone has seen or modified the original token. This is useful for authentication tokens, e.g. in the context of authorization delegation or cookie-based Web authentication.