Last Call: <draft-ietf-oauth-mtls-15.txt> (OAuth 2.0 Mutual TLS Client Authentication and Certificate-Bound Access Tokens) to Proposed Standard

The IESG <iesg-secretary@ietf.org> Thu, 11 July 2019 22:00 UTC

Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F6D7120156; Thu, 11 Jul 2019 15:00:24 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: "IETF-Announce" <ietf-announce@ietf.org>
Subject: Last Call: <draft-ietf-oauth-mtls-15.txt> (OAuth 2.0 Mutual TLS Client Authentication and Certificate-Bound Access Tokens) to Proposed Standard
X-Test-IDTracker: no
X-IETF-IDTracker: 6.98.3
Auto-Submitted: auto-generated
Precedence: bulk
Sender: <iesg-secretary@ietf.org>
CC: rdd@cert.org, draft-ietf-oauth-mtls@ietf.org, Rifaat Shekh-Yusef <rifaat.ietf@gmail.com>, rifaat.ietf@gmail.com, oauth@ietf.org, oauth-chairs@ietf.org
Content-Transfer-Encoding: 7bit
Reply-To: ietf@ietf.org
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Message-ID: <156288242409.12177.17933031479241192325.idtracker@ietfa.amsl.com>
Date: Thu, 11 Jul 2019 15:00:24 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/HAu7waTGHie2bjzJk0B69G1ZAtI>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.29
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 11 Jul 2019 22:00:24 -0000

The IESG has received a request from the Web Authorization Protocol WG
(oauth) to consider the following document: - 'OAuth 2.0 Mutual TLS Client
Authentication and Certificate-Bound
   Access Tokens'
  <draft-ietf-oauth-mtls-15.txt> as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2019-08-01. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the beginning of
the Subject line to allow automated sorting.

Abstract


   This document describes OAuth client authentication and certificate-
   bound access and refresh tokens using mutual Transport Layer Security
   (TLS) authentication with X.509 certificates.  OAuth clients are
   provided a mechanism for authentication to the authorization server
   using mutual TLS, based on either self-signed certificates or public
   key infrastructure (PKI).  OAuth authorization servers are provided a
   mechanism for binding access tokens to a client's mutual TLS
   certificate, and OAuth protected resources are provided a method for
   ensuring that such an access token presented to it was issued to the
   client presenting the token.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-oauth-mtls/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-oauth-mtls/ballot/


No IPR declarations have been submitted directly on this I-D.