Hi,
Thanks Deb ensuring this WG keep on moving the needle. Thanks Rifaat for
managing the comment process.
My own personal thoughts on the last version:
* “A procedure for enabling a client to register with an authorization
server”
* This seems to put a distinction between “procedure” and “protocol”
which escapes me. I am sure the term “procedure” has been carefully chosen but
I cannot understand why. Is that cause preregistering manually is not
standardized?
* In any case, adding to the mix the advent of CIMD, there is more than
one: 1/ manual process; 2/ DCR; 3/ and the work for CIMD now, while not being
registration as it aims to remove the need for, is still the establishment of
the core of trust between the client and the AS.
* On the Coordination:
* We had a lot of questions / thoughts on the same perimeter within
Agent-to-Agent. So far, this WG has been able to ensure it remains the
accountable place for the resolution of such questions. Still, this proves that
coordination must be nurtured and coordinated with them.
Jeff
Jean-François “Jeff” Lombardo | Amazon Web Services
Architecte Principal de Solutions, Stratégie de Sécurité
Principal Solution Architect, Security Strategy
Montréal, Canada
Commentaires à propos de notre échange? Exprimez-vous
ici<https://urldefense.com/v3/__https:/feedback.aws.amazon.com/?ea=jeffsec&fn=Jean*20Francois&ln=Lombardo__;JQ!!Pe07N362zA!0k9CkAV8Djpw_8EfIAKrbhP3TQrJr0oMnznlUgBJ3V3NoEk6hihx7dNHnQuejn6SSH2CP8Iow3G-tTzppHeg$>.
Thoughts on our interaction? Provide feedback
here<https://urldefense.com/v3/__https:/feedback.aws.amazon.com/?ea=jeffsec&fn=Jean*20Francois&ln=Lombardo__;JQ!!Pe07N362zA!0k9CkAV8Djpw_8EfIAKrbhP3TQrJr0oMnznlUgBJ3V3NoEk6hihx7dNHnQuejn6SSH2CP8Iow3G-tTzppHeg$>.
From: Rifaat Shekh-Yusef <[email protected]>
Sent: May 7, 2026 12:24 PM
To: oauth <[email protected]>
Subject: [EXT] [OAUTH-WG] OAuth WG Rechartering
CAUTION: This email originated from outside of the organization. Do not click
links or open attachments unless you can confirm the sender and know the
content is safe.
AVERTISSEMENT: Ce courrier électronique provient d’un expéditeur externe. Ne
cliquez sur aucun lien et n’ouvrez aucune pièce jointe si vous ne pouvez pas
confirmer l’identité de l’expéditeur et si vous n’êtes pas certain que le
contenu ne présente aucun risque.
All,
The OAuth WG chairs and the Security AD (Deb) have been collaborating on a
proposal to recharter the OAuth WG.
https://datatracker.ietf.org/doc/charter-ietf-oauth/
Deb put this on the agenda of the IESG telechat for My 21st.
Please, take a look and let us know if you have any comments.
Regards,
Rifaat & Hannes
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]
