Very interesting work, it reminds me the SPID Attribute Authorities, where the users give their consent during the authentication, granting the RPs to consume RS on behalf of users
the AS/OP issues several grant tokens (JWT Embedded Tokens) as many consent give by the user to each Attribute Authority (RS). Each grant token represents the verifiable proof of the consent given by the user. The RP uses these grant tokens with the specific audience (AS) to exchange (STS) the grant token with a brearer or a DPoP Access Token, to be used to consume the RS. since this identity chaining is in line with the work made in Italy with the Attribute Authorities, or shows several point in common, I'm very happy to support this work and also I'd like to find with the help of the authors the commons elements between what we have implemented in Italy and this brand new specification. ad maiora Il giorno mar 14 nov 2023 alle ore 13:59 Rifaat Shekh-Yusef < rifaat.s.i...@gmail.com> ha scritto: > All, > > This is an *official* call for adoption for the *Identity Chaining *draft: > > https://datatracker.ietf.org/doc/draft-schwenkschuster-oauth-identity-chaining/ > > Please, reply on the mailing list and let us know if you are in favor or > against adopting this draft as WG document, by *Nov 28th.* > > Regards, > Rifaat & Hannes > _______________________________________________ > OAuth mailing list > OAuth@ietf.org > https://www.ietf.org/mailman/listinfo/oauth >
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth