I think this is useful and I support adoption. Joe
On Sat, Nov 15, 2025 at 10:08 PM Dmitry Izumskiy <[email protected]> wrote: > I support adoption > > -- `Dmitry > > On Fri, Nov 14, 2025 at 7:11 AM Warren Parad <wparad= > [email protected]> wrote: > >> +1 to What exactly what Neil said. >> >> On Fri, Nov 14, 2025 at 1:20 PM Neil Madden <[email protected]> >> wrote: >> >>> I support adoption in principle. It would be good to have some >>> explanation in the draft as to why the existing jwt bearer and mTLS client >>> auth methods are not sufficient, though. >>> >>> -- Neil >>> >>> > On 13 Nov 2025, at 20:04, Rifaat Shekh-Yusef via Datatracker < >>> [email protected]> wrote: >>> > >>> > >>> > Subject: Call for adoption: >>> draft-schwenkschuster-oauth-spiffe-client-auth-01 >>> > (Ends 2025-11-27) >>> > >>> > This message starts a 2-week Call for Adoption for this document. >>> > >>> > Abstract: >>> > This specification profiles the Assertion Framework for OAuth 2.0 >>> > Client Authentication and Authorization Grants [RFC7521] and JWT >>> > Profile for OAuth 2.0 Client Authentication and Authorization Grants >>> > [RFC7523] to enable the use of SPIFFE Verifiable Identity Documents >>> > (SVIDs) as client credentials in OAuth 2.0. It defines how OAuth >>> > clients with SPIFFE credentials can authenticate to OAuth >>> > authorization servers using their JWT-SVIDs or X.509-SVIDs without >>> > the need for client secrets. This approach enhances security by >>> > enabling seamless integration between SPIFFE-enabled workloads and >>> > OAuth authorization servers while eliminating the need to distribute >>> > and manage shared secrets such as static client secrets. >>> > >>> > File can be retrieved from: >>> > >>> https://datatracker.ietf.org/doc/draft-schwenkschuster-oauth-spiffe-client-auth/ >>> > >>> > Please reply to this message keeping [email protected] in copy by >>> indicating >>> > whether you support or not the adoption of this draft as a WG document. >>> > Comments to motivate your preference are highly appreciated. >>> > >>> > Authors, and WG participants in general, are reminded of the >>> Intellectual >>> > Property Rights (IPR) disclosure obligations described in BCP 79 [2]. >>> > Appropriate IPR disclosures required for full conformance with the >>> provisions >>> > of BCP 78 [1] and BCP 79 [2] must be filed, if you are aware of any. >>> > Sanctions available for application to violators of IETF IPR Policy >>> can be >>> > found at [3]. >>> > >>> > Thank you. >>> > [1] https://datatracker.ietf.org/doc/bcp78/ >>> > [2] https://datatracker.ietf.org/doc/bcp79/ >>> > [3] https://datatracker.ietf.org/doc/rfc6701/ >>> > >>> > >>> > >>> > _______________________________________________ >>> > OAuth mailing list -- [email protected] >>> > To unsubscribe send an email to [email protected] >>> >>> _______________________________________________ >>> OAuth mailing list -- [email protected] >>> To unsubscribe send an email to [email protected] >>> >> _______________________________________________ >> OAuth mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> > _______________________________________________ > OAuth mailing list -- [email protected] > To unsubscribe send an email to [email protected] >
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
