Draft -14 of "OAuth 2.0 Mutual TLS Client Authentication and
Certificate-Bound Access Tokens" has been published. The changes in -14
(listed below) are editorial only and aim to provide some additional
clarity around some recent small points of confusion and discussion.
draft-ietf-oauth-mtls-14
o Editorial clarifications around there being only a single subject
registered/configured per client for the tls_client_auth method.
o Add a brief explanation about how, with tls_client_auth and
self_signed_tls_client_auth, refresh tokens are certificate-bound
indirectly via the client authentication.
o Add mention of refresh tokens in the abstract.
---------- Forwarded message ---------
From: <internet-dra...@ietf.org>
Date: Thu, Apr 11, 2019 at 2:21 PM
Subject: [OAUTH-WG] I-D Action: draft-ietf-oauth-mtls-14.txt
To: <i-d-annou...@ietf.org>
Cc: <oauth@ietf.org>
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Web Authorization Protocol WG of the IETF.
Title : OAuth 2.0 Mutual TLS Client Authentication and
Certificate-Bound Access Tokens
Authors : Brian Campbell
John Bradley
Nat Sakimura
Torsten Lodderstedt
Filename : draft-ietf-oauth-mtls-14.txt
Pages : 30
Date : 2019-04-11
Abstract:
This document describes OAuth client authentication and certificate-
bound access and refresh tokens using mutual Transport Layer Security
(TLS) authentication with X.509 certificates. OAuth clients are
provided a mechanism for authentication to the authorization server
using mutual TLS, based on either self-signed certificates or public
key infrastructure (PKI). OAuth authorization servers are provided a
mechanism for binding access tokens to a client's mutual TLS
certificate, and OAuth protected resources are provided a method for
ensuring that such an access token presented to it was issued to the
client presenting the token.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-oauth-mtls/
There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-oauth-mtls-14
https://datatracker.ietf.org/doc/html/draft-ietf-oauth-mtls-14
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-oauth-mtls-14
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
--
_CONFIDENTIALITY NOTICE: This email may contain confidential and privileged
material for the sole use of the intended recipient(s). Any review, use,
distribution or disclosure by others is strictly prohibited. If you have
received this communication in error, please notify the sender immediately
by e-mail and delete the message and any file attachments from your
computer. Thank you._
_______________________________________________
OAuth mailing list
OAuth@ietf.org
https://www.ietf.org/mailman/listinfo/oauth
