Internet-Draft draft-ietf-oauth-attestation-based-client-auth-08.txt is now
available. It is a work item of the Web Authorization Protocol (OAUTH) WG of
the IETF.
Title: OAuth 2.0 Attestation-Based Client Authentication
Authors: Tobias Looker
Paul Bastian
Christian Bormann
Name: draft-ietf-oauth-attestation-based-client-auth-08.txt
Pages: 30
Dates: 2026-03-02
Abstract:
This specification defines an extension to the OAuth 2.0 protocol
[RFC6749] that enables a client instance to include a key-bound
attestation when interacting with an Authorization Server or Resource
Server. This mechanism allows a client instance to prove its
authenticity verified by a client attester without revealing its
target audience to that attester. It may also serve as a mechanism
for client authentication as per OAuth 2.0.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-attestation-based-client-auth/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-oauth-attestation-based-client-auth-08.html
A diff from the previous version is available at:
https://author-tools.ietf.org/iddiff?url2=draft-ietf-oauth-attestation-based-client-auth-08
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]
