Internet-Draft draft-ietf-oauth-spiffe-client-auth-00.txt is now available. It
is a work item of the Web Authorization Protocol (OAUTH) WG of the IETF.
Title: OAuth SPIFFE Client Authentication
Authors: Arndt Schwenkschuster
Pieter Kasselmann
Scott Rose
Name: draft-ietf-oauth-spiffe-client-auth-00.txt
Pages: 18
Dates: 2025-12-01
Abstract:
This specification profiles the Assertion Framework for OAuth 2.0
Client Authentication and Authorization Grants [RFC7521] and JWT
Profile for OAuth 2.0 Client Authentication and Authorization Grants
[RFC7523] to enable the use of SPIFFE Verifiable Identity Documents
(SVIDs) as client credentials in OAuth 2.0. It defines how OAuth
clients with SPIFFE credentials can authenticate to OAuth
authorization servers using their JWT-SVIDs or X.509-SVIDs without
the need for client secrets. This approach enhances security by
enabling seamless integration between SPIFFE-enabled workloads and
OAuth authorization servers while eliminating the need to distribute
and manage shared secrets such as static client secrets.
The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-spiffe-client-auth/
There is also an HTML version available at:
https://www.ietf.org/archive/id/draft-ietf-oauth-spiffe-client-auth-00.html
Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]
