All, Based on the feedback on the mailing list, we think there is enough support for this document to be adopted as a WG document.
*Authors,* Please, submit a new WG -00 draft with the same content of the individual -01 draft. Regards, Rifaat & Hannes On Wed, Nov 26, 2025 at 4:41 PM Justin Richer <[email protected]> wrote: > I support adoption. > > — Justin > > > On Nov 13, 2025, at 3:04 PM, Rifaat Shekh-Yusef via Datatracker < > [email protected]> wrote: > > > > > > Subject: Call for adoption: > draft-schwenkschuster-oauth-spiffe-client-auth-01 > > (Ends 2025-11-27) > > > > This message starts a 2-week Call for Adoption for this document. > > > > Abstract: > > This specification profiles the Assertion Framework for OAuth 2.0 > > Client Authentication and Authorization Grants [RFC7521] and JWT > > Profile for OAuth 2.0 Client Authentication and Authorization Grants > > [RFC7523] to enable the use of SPIFFE Verifiable Identity Documents > > (SVIDs) as client credentials in OAuth 2.0. It defines how OAuth > > clients with SPIFFE credentials can authenticate to OAuth > > authorization servers using their JWT-SVIDs or X.509-SVIDs without > > the need for client secrets. This approach enhances security by > > enabling seamless integration between SPIFFE-enabled workloads and > > OAuth authorization servers while eliminating the need to distribute > > and manage shared secrets such as static client secrets. > > > > File can be retrieved from: > > > https://datatracker.ietf.org/doc/draft-schwenkschuster-oauth-spiffe-client-auth/ > > > > Please reply to this message keeping [email protected] in copy by > indicating > > whether you support or not the adoption of this draft as a WG document. > > Comments to motivate your preference are highly appreciated. > > > > Authors, and WG participants in general, are reminded of the Intellectual > > Property Rights (IPR) disclosure obligations described in BCP 79 [2]. > > Appropriate IPR disclosures required for full conformance with the > provisions > > of BCP 78 [1] and BCP 79 [2] must be filed, if you are aware of any. > > Sanctions available for application to violators of IETF IPR Policy can > be > > found at [3]. > > > > Thank you. > > [1] https://datatracker.ietf.org/doc/bcp78/ > > [2] https://datatracker.ietf.org/doc/bcp79/ > > [3] https://datatracker.ietf.org/doc/rfc6701/ > > > > > > > > _______________________________________________ > > OAuth mailing list -- [email protected] > > To unsubscribe send an email to [email protected] > >
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
