Hello, I've spoken to Pieter about this at IETF 115, but this draft (which is likely to get approved) of subject identifiers could be considered for the FTA work. This is to enable multiple trust domains to talk about subjects of tokens in a consistent way. This is already used in the OpenID SSE / CAEP / RISC set of specifications.
https://datatracker.ietf.org/doc/html/draft-ietf-secevent-subject-identifiers-14 Because FTA may be talking about principals that the various tenants across different cloud platforms already recognize, the "iss/sub" format could be useful to FTA. Atul
_______________________________________________ OAuth mailing list OAuth@ietf.org https://www.ietf.org/mailman/listinfo/oauth
