I-D list for Web Authorization Protocol RSS FeedDocument changesurn:uuid:b2f0e82c-d25d-530c-86e1-4be4e2ea10ed2024-03-28T23:30:05-0700Global Token Revocation9827842024-03-21T14:54:24-07002024-03-21T14:54:24-0700Aaron PareckiNew version available: <b>draft-parecki-oauth-global-token-revocation-03.txt</b>new_revisionnoneactiveidexists Global Token Revocation enables parties such as a security incident
management tool or an external Identity Provider to send a request to
an Authorization Server to indicate that it should revoke all of the
user's existing tokens and require that the user re-authenticates
before issuing new tokens.
03Global Token Revocation9827832024-03-21T14:54:24-07002024-03-21T14:54:24-0700(System)New version approvednew_submissionnoneactiveidexistsGlobal Token Revocation9827822024-03-21T14:53:22-07002024-03-21T14:53:22-0700(System)Request for posting confirmation emailed to previous authors: Aaron Parecki <aaron@parecki.com>new_submissionnoneactiveidexistsGlobal Token Revocation9827812024-03-21T14:53:21-07002024-03-21T14:53:21-0700Aaron PareckiUploaded new revisionnew_submissionnoneactiveidexistsOAuth Identity and Authorization Chaining Across Domains9801062024-03-17T15:51:38-07002024-03-17T15:51:38-0700Justin RicherAdded to session: IETF-119: wimse Mon-0300added_commentietfoauthactiveidexistswg-docTransaction Tokens9801052024-03-17T15:51:37-07002024-03-17T15:51:37-0700Justin RicherAdded to session: IETF-119: wimse Mon-0300added_commentietfoauthactiveidexistswg-docTransaction Tokens9795662024-03-16T15:49:26-07002024-03-16T15:49:26-0700Atul TulshibagwaleNew version available: <b>draft-ietf-oauth-transaction-tokens-01.txt</b>new_revisionietfoauthactiveidexistswg-doc Transaction Tokens (Txn-Tokens) enable workloads in a trusted domain
to ensure that user identity and authorization context of an external
programmatic request, such as an API invocation, are preserved and
available to all workloads that are invoked as part of processing
such a request. Txn-Tokens also enable workloads within the trusted
domain to optionally immutably assert to downstream workloads that
they were invoked in the call chain of the request.
01Transaction Tokens9795652024-03-16T15:49:26-07002024-03-16T15:49:26-0700George FletcherNew version approvednew_submissionietfoauthactiveidexistswg-docTransaction Tokens9795612024-03-16T15:47:50-07002024-03-16T15:47:50-0700(System)Request for posting confirmation emailed to previous authors: Atul Tulshibagwale <atul@sgnl.ai>, George Fletcher <george.fletcher@capitalone.com>, Pieter Kasselman <pieter.kasselman@microsoft.com>new_submissionietfoauthactiveidexistswg-docTransaction Tokens9795602024-03-16T15:47:44-07002024-03-16T15:47:44-0700Atul TulshibagwaleUploaded new revisionnew_submissionietfoauthactiveidexistswg-docCedar Profile for OAuth 2.0 Rich Authorization Requests9792222024-03-15T06:43:19-07002024-03-15T06:43:19-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Fri-0500added_commentnoneactiveidexistsGlobal Token Revocation9792212024-03-15T06:43:19-07002024-03-15T06:43:19-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Fri-0500added_commentnoneactiveidexistsOAuth 2.0 for First-Party Applications9792202024-03-15T06:43:19-07002024-03-15T06:43:19-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Fri-0500added_commentnoneactiveidexistsCross-Device Flows: Security Best Current Practice9792192024-03-15T06:43:18-07002024-03-15T06:43:18-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Fri-0500added_commentietfoauthactiveidexistswg-docThe OAuth 2.1 Authorization Framework9792182024-03-15T06:43:18-07002024-03-15T06:43:18-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Fri-0500added_commentietfoauthactiveidexistswg-docOAuth Status Attestations9792172024-03-15T06:42:00-07002024-03-15T06:42:00-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Wed-2330added_commentnoneactiveidexistsOAuth 2.0 Nonce Endpoint9792162024-03-15T06:42:00-07002024-03-15T06:42:00-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Wed-2330added_commentnoneactiveidexistsToken Status List9792152024-03-15T06:42:00-07002024-03-15T06:42:00-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Wed-2330added_commentietfoauthactiveidexistswg-docOAuth 2.0 Attestation-Based Client Authentication9792142024-03-15T06:42:00-07002024-03-15T06:42:00-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Wed-2330added_commentietfoauthactiveidexistswg-docSD-JWT-based Verifiable Credentials (SD-JWT VC)9792132024-03-15T06:41:59-07002024-03-15T06:41:59-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Wed-2330added_commentietfoauthactiveidexistswg-docIdentity Assertion Authorization Grant9792122024-03-15T06:39:54-07002024-03-15T06:39:54-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Tue-2330added_commentnoneactiveidexistsOAuth Identity and Authorization Chaining Across Domains9792112024-03-15T06:39:54-07002024-03-15T06:39:54-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Tue-2330added_commentietfoauthactiveidexistswg-docTransaction Tokens9792102024-03-15T06:39:54-07002024-03-15T06:39:54-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Tue-2330added_commentietfoauthactiveidexistswg-docOAuth 2.0 Protected Resource Metadata9792092024-03-15T06:39:53-07002024-03-15T06:39:53-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Tue-2330added_commentietfoauthactiveidexistswg-docSelective Disclosure for JWTs (SD-JWT)9792082024-03-15T06:39:53-07002024-03-15T06:39:53-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Tue-2330added_commentietfoauthactiveidexistswg-docOAuth 2.0 for Browser-Based Apps9792072024-03-15T06:39:53-07002024-03-15T06:39:53-0700Rifaat Shekh-YusefAdded to session: IETF-119: oauth Tue-2330added_commentietfoauthactiveidexistswg-doc