I support adoption. On Fri, Nov 14, 2025 at 5:21 PM Dag Sneeggen <[email protected]> wrote:
> I also support adoption. > > Sent from Outlook for Android <https://aka.ms/AAb9ysg> > ------------------------------ > *From:* Flemming Andreasen (fandreas) <[email protected] > > > *Sent:* Thursday, November 13, 2025 10:46:55 PM > *To:* Lombardo, Jeff <[email protected]>; Rifaat > Shekh-Yusef <[email protected]>; > [email protected] < > [email protected]>; > [email protected] <[email protected]>; [email protected] < > [email protected]> > *Subject:* [OAUTH-WG] Re: Call for adoption: > draft-schwenkschuster-oauth-spiffe-client-auth-01 (Ends 2025-11-27) > > I support adoption > > Thanks > > -- Flemming > > On 11/13/25 4:15 PM, Lombardo, Jeff wrote: > > I support adoption > > Jean-François “Jeff” Lombardo | Amazon Web Services > > Architecte Principal de Solutions, Spécialiste de Sécurité > Principal Solution Architect, Security Specialist > Montréal, Canada > > Commentaires à propos de notre échange? Exprimez-vous ici. > > Thoughts on our interaction? Provide feedback here. > > -----Original Message----- > From: Rifaat Shekh-Yusef via Datatracker <[email protected]> <[email protected]> > Sent: November 13, 2025 3:04 PM > To: [email protected]; > [email protected]; [email protected] > Subject: [EXT] [OAUTH-WG] Call for adoption: > draft-schwenkschuster-oauth-spiffe-client-auth-01 (Ends 2025-11-27) > > CAUTION: This email originated from outside of the organization. Do not click > links or open attachments unless you can confirm the sender and know the > content is safe. > > > > AVERTISSEMENT: Ce courrier électronique provient d’un expéditeur externe. Ne > cliquez sur aucun lien et n’ouvrez aucune pièce jointe si vous ne pouvez pas > confirmer l’identité de l’expéditeur et si vous n’êtes pas certain que le > contenu ne présente aucun risque. > > > > Subject: Call for adoption: draft-schwenkschuster-oauth-spiffe-client-auth-01 > (Ends 2025-11-27) > > This message starts a 2-week Call for Adoption for this document. > > Abstract: > This specification profiles the Assertion Framework for OAuth 2.0 > Client Authentication and Authorization Grants [RFC7521] and JWT > Profile for OAuth 2.0 Client Authentication and Authorization Grants > [RFC7523] to enable the use of SPIFFE Verifiable Identity Documents > (SVIDs) as client credentials in OAuth 2.0. It defines how OAuth > clients with SPIFFE credentials can authenticate to OAuth > authorization servers using their JWT-SVIDs or X.509-SVIDs without > the need for client secrets. This approach enhances security by > enabling seamless integration between SPIFFE-enabled workloads and > OAuth authorization servers while eliminating the need to distribute > and manage shared secrets such as static client secrets. > > File can be retrieved > from:https://datatracker.ietf.org/doc/draft-schwenkschuster-oauth-spiffe-client-auth/ > > Please reply to this message keeping [email protected] in copy by indicating > whether you support or not the adoption of this draft as a WG document. > Comments to motivate your preference are highly appreciated. > > Authors, and WG participants in general, are reminded of the Intellectual > Property Rights (IPR) disclosure obligations described in BCP 79 [2]. > Appropriate IPR disclosures required for full conformance with the provisions > of BCP 78 [1] and BCP 79 [2] must be filed, if you are aware of any. > Sanctions available for application to violators of IETF IPR Policy can be > found at [3]. > > Thank you. > [1] https://datatracker.ietf.org/doc/bcp78/ > [2] https://datatracker.ietf.org/doc/bcp79/ > [3] https://datatracker.ietf.org/doc/rfc6701/ > > > > _______________________________________________ > OAuth mailing list -- [email protected] > To unsubscribe send an email to [email protected] > _______________________________________________ > OAuth mailing list -- [email protected] > To unsubscribe send an email to [email protected] > > > _______________________________________________ > OAuth mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
