[IPP] Fwd: [OAUTH-WG] I-D Action: draft-ietf-oauth-client-id-metadata-document-00.txt

[IPP] Fwd: [OAUTH-WG] I-D Action: draft-ietf-oauth-client-id-metadata-document-00.txt

Michael Sweet msweet at msweet.org
Sat Oct 11 15:30:21 UTC 2025 

All,

This is a new "solution" to client registration...  I personally hope to see support for so-called "native" applications but right now (like most OAuth RFCs) very little is required...


> Begin forwarded message:
> 
> From: "Lombardo, Jeff" <jeffsec=40amazon.com at dmarc.ietf.org>
> Subject: [OAUTH-WG] Re: I-D Action: draft-ietf-oauth-client-id-metadata-document-00.txt
> Date: October 8, 2025 at 2:52:34 PM EDT
> To: "oauth at ietf.org" <oauth at ietf.org>, "i-d-announce at ietf.org" <i-d-announce at ietf.org>
> 
> Having done a review recently and looking at implementing it, I support adoption.
> 
> Jean-François “Jeff” Lombardo | Amazon Web Services
> 
> Architecte Principal de Solutions, Spécialiste de Sécurité
> Principal Solution Architect, Security Specialist
> Montréal, Canada
> 
> Commentaires à propos de notre échange? Exprimez-vous ici.
> 
> Thoughts on our interaction? Provide feedback here.
> 
> -----Original Message-----
> From: internet-drafts at ietf.org <internet-drafts at ietf.org> 
> Sent: October 8, 2025 2:48 PM
> To: i-d-announce at ietf.org
> Cc: oauth at ietf.org
> Subject: [EXT] [OAUTH-WG] I-D Action: draft-ietf-oauth-client-id-metadata-document-00.txt
> 
> CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.
> 
> 
> 
> AVERTISSEMENT: Ce courrier électronique provient d’un expéditeur externe. Ne cliquez sur aucun lien et n’ouvrez aucune pièce jointe si vous ne pouvez pas confirmer l’identité de l’expéditeur et si vous n’êtes pas certain que le contenu ne présente aucun risque.
> 
> 
> 
> Internet-Draft draft-ietf-oauth-client-id-metadata-document-00.txt is now available. It is a work item of the Web Authorization Protocol (OAUTH) WG of the IETF.
> 
>   Title:   OAuth Client ID Metadata Document
>   Authors: Aaron Parecki
>            Emelia Smith
>   Name:    draft-ietf-oauth-client-id-metadata-document-00.txt
>   Pages:   12
>   Dates:   2025-10-08
> 
> Abstract:
> 
>   This specification defines a mechanism through which an OAuth client
>   can identify itself to authorization servers, without prior dynamic
>   client registration or other existing registration.  This is through
>   the usage of a URL as a client_id in an OAuth flow, where the URL
>   refers to a document containing the necessary client metadata,
>   enabling the authorization server to fetch the metadata about the
>   client as needed.
> 
> The IETF datatracker status page for this Internet-Draft is:
> https://datatracker.ietf.org/doc/draft-ietf-oauth-client-id-metadata-document/
> 
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-ietf-oauth-client-id-metadata-document-00.html
> 
> Internet-Drafts are also available by rsync at:
> rsync.ietf.org::internet-drafts
> 
> 
> _______________________________________________
> OAuth mailing list -- oauth at ietf.org
> To unsubscribe send an email to oauth-leave at ietf.org
> _______________________________________________
> OAuth mailing list -- oauth at ietf.org
> To unsubscribe send an email to oauth-leave at ietf.org

________________________
Michael Sweet

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.pwg.org/pipermail/ipp/attachments/20251011/c08ba63e/attachment.html>

More information about the ipp mailing list