I just happened to notice this and given the title of the draft, "Federated Authentication for the Registration Data Access Protocol (RDAP) using OpenID Connect" thought it might be of interest to some in the OIDC or OAuth working groups (both cc'd). I don't have the cycles (or energy to be honest) to review it but thought it'd be worthwhile to make others here aware in case they did have the time or motivation. Sorry for the noise otherwise.
---------- Forwarded message --------- From: The IESG <iesg-secret...@ietf.org> Date: Fri, Aug 18, 2023 at 11:31 PM Subject: Last Call: <draft-ietf-regext-rdap-openid-24.txt> (Federated Authentication for the Registration Data Access Protocol (RDAP) using OpenID Connect) to Proposed Standard To: IETF-Announce <ietf-annou...@ietf.org> Cc: <regext-cha...@ietf.org>, <draft-ietf-regext-rdap-ope...@ietf.org>, < reg...@ietf.org>, <zalba...@verisign.com> The IESG has received a request from the Registration Protocols Extensions WG (regext) to consider the following document: - 'Federated Authentication for the Registration Data Access Protocol (RDAP) using OpenID Connect' <draft-ietf-regext-rdap-openid-24.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the last-c...@ietf.org mailing lists by 2023-09-01. Exceptionally, comments may be sent to i...@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract The Registration Data Access Protocol (RDAP) provides "RESTful" web services to retrieve registration metadata from domain name and regional internet registries. RDAP allows a server to make access control decisions based on client identity, and as such it includes support for client identification features provided by the Hypertext Transfer Protocol (HTTP). Identification methods that require clients to obtain and manage credentials from every RDAP server operator present management challenges for both clients and servers, whereas a federated authentication system would make it easier to operate and use RDAP without the need to maintain server-specific client credentials. This document describes a federated authentication system for RDAP based on OpenID Connect. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-regext-rdap-openid/ No IPR declarations have been submitted directly on this I-D. _______________________________________________ IETF-Announce mailing list ietf-annou...@ietf.org https://www.ietf.org/mailman/listinfo/ietf-announce -- _CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. Thank you._
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth