[New-wg-docs] I-D Action: draft-ietf-wimse-workload-identity-bcp-00.txt
internet-drafts@ietf.org Fri, 05 April 2024 20:24 UTC
Return-Path: <internet-drafts@ietf.org>
X-Original-To: new-wg-docs@ietf.org
Delivered-To: new-wg-docs@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id 2AAE8C17C882 for <new-wg-docs@ietf.org>; Fri, 5 Apr 2024 13:24:54 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: internet-drafts@ietf.org
To: new-wg-docs@ietf.org
X-Test-IDTracker: no
X-IETF-IDTracker: 12.9.0
Auto-Submitted: auto-generated
Precedence: bulk
Message-ID: <171234869416.46811.3607643443513875135@ietfa.amsl.com>
Date: Fri, 05 Apr 2024 13:24:54 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/new-wg-docs/clCKW9BSSOIpVOUANxXmQ2yYf4E>
Subject: [New-wg-docs] I-D Action: draft-ietf-wimse-workload-identity-bcp-00.txt
X-BeenThere: new-wg-docs@ietf.org
X-Mailman-Version: 2.1.39
List-Id: "New \(-00\) Working Group Documents" <new-wg-docs.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/new-wg-docs>, <mailto:new-wg-docs-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/new-wg-docs/>
List-Post: <mailto:new-wg-docs@ietf.org>
List-Help: <mailto:new-wg-docs-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/new-wg-docs>, <mailto:new-wg-docs-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Apr 2024 20:24:54 -0000
Internet-Draft draft-ietf-wimse-workload-identity-bcp-00.txt is now available. It is a work item of the Workload Identity in Multi System Environments (WIMSE) WG of the IETF. Title: Best Current Practice for Workload Identity Authors: Benedikt Hofmann Hannes Tschofenig Name: draft-ietf-wimse-workload-identity-bcp-00.txt Pages: 10 Dates: 2024-04-05 Abstract: The use of the OAuth 2.0 framework for container orchestration systems poses a challenge as managing secrets, such as client_id and client_secret, can be complex and error-prone. "Service account token volume projection", a term introduced by Kubernetes, provides a way of injecting JSON Web Tokens (JWTs) to workloads. This document specifies the use of JWTs for client credentials in container orchestration systems to improve interoperability in orchestration systems, to reduce complexity for developers, and motivates authorization server to support RFC 7523. The IETF datatracker status page for this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-wimse-workload-identity-bcp/ There is also an HTMLized version available at: https://datatracker.ietf.org/doc/html/draft-ietf-wimse-workload-identity-bcp-00 Internet-Drafts are also available by rsync at: rsync.ietf.org::internet-drafts
- [New-wg-docs] I-D Action: draft-ietf-wimse-worklo… internet-drafts