I think that a key purpose for OAuth signing is a good idea, but the I-D should include an ASN.1 module.
See Appendix A of https://datatracker.ietf.org/doc/draft-jpfiset-lamps-attestationkey-eku/ for an example. Russ > On Oct 27, 2025, at 5:26 PM, David Dong via RT > <[email protected]> wrote: > > Dear Russ Housley, Sean Turner (cc: oauth WG), > > As the designated experts for the SMI Security for PKIX Extended Key Purpose > registry, can you review the proposed registration in > draft-ietf-oauth-status-list-13 for us? Please see: > > https://datatracker.ietf.org/doc/draft-ietf-oauth-status-list/ > > The due date is November 10th. > > If this is OK, when the IESG approves the document for publication, we'll > make the registration at: > > https://www.iana.org/assignments/smi-numbers/ > > Unless you ask us to wait for the other reviewer, we’ll act after the first > response we receive. > > With thanks, > > David Dong > IANA Services Sr. Specialist _______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
