[New-wg-docs] I-D Action: draft-ietf-wimse-workload-identity-bcp-00.txt

internet-drafts@ietf.org Fri, 05 April 2024 20:24 UTC

Internet-Draft draft-ietf-wimse-workload-identity-bcp-00.txt is now available.
It is a work item of the Workload Identity in Multi System Environments
(WIMSE) WG of the IETF.

   Title:   Best Current Practice for Workload Identity
   Authors: Benedikt Hofmann
            Hannes Tschofenig
   Name:    draft-ietf-wimse-workload-identity-bcp-00.txt
   Pages:   10
   Dates:   2024-04-05

Abstract:

   The use of the OAuth 2.0 framework for container orchestration
   systems poses a challenge as managing secrets, such as client_id and
   client_secret, can be complex and error-prone.  "Service account
   token volume projection", a term introduced by Kubernetes, provides a
   way of injecting JSON Web Tokens (JWTs) to workloads.

   This document specifies the use of JWTs for client credentials in
   container orchestration systems to improve interoperability in
   orchestration systems, to reduce complexity for developers, and
   motivates authorization servers to support RFC 7523.

The IETF datatracker status page for this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-wimse-workload-identity-bcp/

There is also an HTMLized version available at:
https://datatracker.ietf.org/doc/html/draft-ietf-wimse-workload-identity-bcp-00

Internet-Drafts are also available by rsync at:
rsync.ietf.org::internet-drafts