Hi Christopher,
Thank you for your email and for sharing your draft, 
draft-emerson-oauth-user-mediated-delivery-00. We are very pleased to hear that 
our use case and gap analysis was helpful in contextualizing your work.
The primary goal of our draft is to help the community clarify the problem 
space for agent authorization. Your hands-on experience in building a 
real-world solution is precisely the kind of input that can help us make our 
document more accurate and comprehensive. Your insights would be invaluable in 
ensuring we are mapping the territory correctly.
To that end, we have two key questions for you, based on your practical 
experience:
Regarding the Use Cases: Do the scenarios currently described in Section 3 of 
our draft (draft-chen-oauth-agent-authz-use-cases-01) adequately cover the 
situations you have encountered in practice? Or are there significant agent 
authorization scenarios you've had to solve for that are not yet represented?
Regarding the Gap Analysis: Does our gap analysis fully capture the fundamental 
problems you've faced? Your draft provides a brilliant solution pattern that 
addresses several of the gaps we identified. We are curious if, during your 
development process, you encountered other, perhaps more subtle, gaps or 
challenges that are not yet on our list.
Your feedback on these points would be extremely valuable as we prepare the 
next revision. A more robust problem definition will benefit the entire working 
group as we move towards developing solutions.
Thank you again for initiating this important conversation.
Best regards,
Meiling


[email protected]
 
From: Christopher Emerson
Date: 2026-07-07 11:23
To: [email protected]
CC: oauth
Subject: Re: [OAUTH-WG] Re: New Version Notification for 
draft-chen-oauth-agent-authz-use-cases-01.txt

Hi Meiling,

Thank you for this draft. The gap analysis is a useful catalogue, and it
matches what we see building agent access against real applications.

Gap 2 in your summary ("the framework has no built-in mechanism for an
agent to 'pause' and securely ask the user for an intermediate decision")
is the problem I tried to address in
draft-emerson-oauth-user-mediated-delivery-00, posted last week:

  https://datatracker.ietf.org/doc/draft-emerson-oauth-user-mediated-delivery/

It proposes user-mediated credential delivery as a complementary
primitive: the credential is delivered to the user through
human-controlled channels, and the user hands it to the agent, so the
authorization decision happens outside the agent's execution context.
There is no redirect, callback, or other agent-addressable path for an
injected instruction to exploit.

The same primitive gives a concrete shape to two of your other gaps:

- Gap 1 (just-in-time authorization): when an agent attempts an
  operation outside its granted scope, the system returns an error
  identifying the specific missing scope, and the escalation runs
  through the user as a renewed user-mediated grant (Section 4.2 of
  the draft). Scope changes always terminate at a human decision.

- Gap 4 (revocation): grants are per-connection and validated by
  introspection on each request, so revoking one agent's access is
  immediate and does not affect other connections.

I would welcome the group's thoughts on whether user-mediated delivery
is a useful primitive for the requirements you catalogue, particularly
the personal and consumer scenarios in section 3.1, where the end user
rather than an enterprise administrator is the authority.

Best regards,
Christopher Emerson 
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to