Hi Hannes, Thanks for the historical context. The AI agent workload context is a new driver: agents acting autonomously on behalf of users across multiple services, with authorization constraints that go beyond what scopes can express. This is what makes the question worth revisiting now. The discussion on this thread suggests interest has indeed increased. Happy to continue exploring whether the WG sees enough momentum to move forward. Thanks, Dapeng Liu ------------------------------------------------------------------ 发件人:Hannes Tschofenig <[email protected]> 发送时间:2026年7月7日(周二) 18:09 收件人:Yaron Sheffer<[email protected]>; oauth<[email protected]> 主 题:[OAUTH-WG] Re: Standardizing a policy language Hi Yaron, we had various discussions about policy languages over the years and also drafts in the past, see for example https://www.ietf.org/archive/id/draft-cecchetti-oauth-rar-cedar-02.html <https://www.ietf.org/archive/id/draft-cecchetti-oauth-rar-cedar-02.html > Unfortunately, there was not enough interest in any of that work. Would be interesting to hear from the group whether the interest has increased now due to the AI-related work. Ciao Hannes Am 14.06.2026 um 13:30 schrieb Yaron Sheffer: Hi, I came across the recently published draft-liu-oauth-rego-policy-00 [0]. First, apologies to the authors for commenting before they have had a chance to present the draft on this list. For many years, the OAuth community kept authorization policy languages out of scope. I agree with the authors that it may be time to revisit that position, particularly given the increased focus on workload authorization and AI agents operating as workloads. However, once we go there, we should also discuss what properties we need from such languages. As input to that discussion, I would point to a recent AWS blog post [1] explaining why Amazon chose Cedar for agentic workload authorization. Granted that AWS is not a neutral party, but the post highlights an important consideration: the ability to perform automated analysis of policies. Rego is more expressive and more widely deployed than Cedar. On the other hand, Cedar was designed to support reasoning about questions such as:
* Whether policies are unintentionally over-permissive or over-restrictive. * Whether policies overlap or conflict. * The impact of a policy change on authorization outcomes. It is far too early to discuss any specific language choice, but it would be useful to discuss the requirements, including the tradeoff between expressiveness and analyzability. Thanks, Yaron [0] https://www.ietf.org/archive/id/draft-liu-oauth-rego-policy-00.html <https://www.ietf.org/archive/id/draft-liu-oauth-rego-policy-00.html > [1] https://aws.amazon.com/blogs/security/why-policy-in-amazon-bedrock-agentcore-chose-cedar-for-securing-agentic-workflows/ <https://aws.amazon.com/blogs/security/why-policy-in-amazon-bedrock-agentcore-chose-cedar-for-securing-agentic-workflows/ > (discussion on Analyzability is in the second half of the post) _______________________________________________ OAuth mailing list -- [email protected] <mailto:[email protected] > To unsubscribe send an email to [email protected] <mailto:[email protected] >
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
