Hi OAuth WG, Chairs, 1) We have a new draft on cross-domain transaction tokens. https://datatracker.ietf.org/doc/draft-liu-cross-domain-txn-token/
We have been discussing with several participants on and off line about this topic, most if not all of them expressed great interest. This document solves (or try to solve) the secure propagation of workflow-related contextual claims (txn, tctx, rctx, req_wl) across trust domains, which was not included in the previously existing transaction tokens draft, but now might be the time to discuss extending the design. Thus we wish to request 10+5 minutes of agenda time to present this at Vienna. Aware of Rifaat’s email on very large number of slot requests for agenda time, we will focus on use cases and gap analysis in telecom and finance sectors that we encounter. We will also invest time in implementing transaction token’s open source repository, if the working group thinks this direction is a good idea. 2) We also have a batch authorization delegation draft that focus on enabling a one-time batch authorization for downstream services. https://datatracker.ietf.org/doc/draft-ni-batch-authorization-delegation/ This is done by extending RAR with may_act fields to bind distinct permissions to designated actors. If time permits, we hope to request another 5 minutes to present this altogether. If not, we are also happy to be instructed to combine with or talk to other teams that have a similar scope, before vienna. Both drafts address real-world cross-domain, multi-step scenarios emerging in collaborative service ecosystems and AI Agents. We believe these directions are of strong interest to the WG and would welcome your valuable feedback. Best, Peter and Yuan ======= Internet-Draft draft-liu-cross-domain-txn-token-00.txt is now available. Title: Cross-domain Transaction Tokens Authors: Chunchi Peter Liu Yuan Ni Name: draft-liu-cross-domain-txn-token-00.txt Pages: 20 Dates: 2026-06-30 Abstract: This document describes a mechanism for Cross-Domain Transaction Tokens, which enables the safe maintenance and propagation of user identity, workload identities, and authorization context across multiple trust domains. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-liu-cross-domain-txn-token/ === Internet-Draft draft-ni-batch-authorization-delegation-00.txt is now available. Title: Batch Authorization Delegation Authors: Yuan Ni Chunchi Peter Liu Name: draft-ni-batch-authorization-delegation-00.txt Pages: 23 Dates: 2026-06-30 Abstract: This document describes a mechanism for Batch Authorization Delegation, which enables a batch of fine-grained, actor-bound permissions in a single request and securely delegates them to multiple collaborating actors. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ni-batch-authorization-delegation/ From: Rifaat Shekh-Yusef <[email protected]> Sent: Sunday, June 21, 2026 6:43 AM To: oauth <[email protected]> Subject: [OAUTH-WG] Call for topics for Vienna All, As per the preliminary agenda, we have two OAu=h sessions at: Thursday, 2:00-4:00pm Friday, 9:00-11:00am If =ou have not done so already, let us know, as soon as possible, if you have=a topic that you would like to present and discuss in Vienna. Regar=s, Rifaat & Hannes
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
