Return-Path: <mohamad@yuthent.com>
X-Original-To: oauth@mail2.ietf.org
Delivered-To: oauth@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1])
	by mail2.ietf.org (Postfix) with ESMTP id 01207EC1E6C7
	for <oauth@mail2.ietf.org>; Sun, 10 May 2026 10:23:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ietf.org; s=ietf1;
	t=1778433834; bh=vCxK/oznyqI7W87JTWYb08ZyjjhhnzFUvvrKXiE5iuY=;
	h=Date:Subject:From:To:Cc:In-Reply-To:References;
	b=hNcLxrCOOEd176b7JoQ+LknafO8JkP0o3Whl91N0g+BnV3mwBokHIUCt9iGMJapO/
	 u7zWHceZhr4yFPDYxwuPQGNrZEnjrxG1fSuBVocU+B2ftSHA369epKBsQuA54ywrqs
	 gT7ZTN/ibwV0ouDdgSJ+bw9ADp/20BU4rF4VesgE=
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: 1.239
X-Spam-Level: *
X-Spam-Status: No, score=1.239 tagged_above=-999 required=5
	tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
	DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001,
	RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001,
	RCVD_IN_MSPIKE_WL=0.001, RCVD_IN_SBL_CSS=3.335,
	RCVD_IN_VALIDITY_CERTIFIED_BLOCKED=0.001,
	RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, SPF_PASS=-0.001]
	autolearn=no autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key)
	header.d=yuthent.com
Received: from mail2.ietf.org ([166.84.6.31])
	by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id jheqCcjwMjaV for <oauth@mail2.ietf.org>;
	Sun, 10 May 2026 10:23:50 -0700 (PDT)
Received: from out-07.pe-bsn.jellyfish.systems
 (out-07.pe-bsn.jellyfish.systems [66.29.159.85])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256)
	(No client certificate requested)
	by mail2.ietf.org (Postfix) with ESMTPS id 0C2D6EC1E6BE
	for <oauth@ietf.org>; Sun, 10 May 2026 10:23:50 -0700 (PDT)
Received: from MTA-08.privateemail.com (unknown [10.50.14.18])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by BSN-01.privateemail.com (Postfix) with ESMTPS id 4gD8pQ6YfLz3hhTF;
	Sun, 10 May 2026 13:23:42 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=yuthent.com;
	s=default; t=1778433822;
	bh=vCxK/oznyqI7W87JTWYb08ZyjjhhnzFUvvrKXiE5iuY=;
	h=Date:Subject:From:To:Cc:In-Reply-To:References:From;
	b=FlWdFCycrKnK3DvUUcY1ux/cTRQQJ0qGNtyFuUSm2CBIZKR4ckYs0ud3KOSuwfIOo
	 ubDfn5DfN3fk/WI3l1TWH4PfBmcgrjWBttk0Rxl9etJl//qEeQiWEomRjg7WMWfz8q
	 3MtJU28Jk8oIFOP7rHIUhmeZ1Wqg0vZD2PZGMkJCO6AQXPWtw9cZEHWWIJY0EZS1Bh
	 k6/njnpjkfoJbjcBbC0aiCU/3mhA2SnaT8GgbBZS9HLBbpJDZMjSR1Q48kpsjMdkri
	 qfzRQmEjSFd/RH1GONvWW4/NlIwXsP14ZiPB5LBzTMM4/7As1GKQ1k8TrHKTfEPz8S
	 Gsp3jRNoXb0Mg==
Received: from mta-08.privateemail.com (localhost [127.0.0.1])
	by mta-08.privateemail.com (Postfix) with ESMTP id 4gD8pQ5GcSz3hhVJ;
	Sun, 10 May 2026 13:23:42 -0400 (EDT)
Received: from [10.0.0.12] (bzq-79-177-155-81.red.bezeqint.net
 [79.177.155.81])
	by mta-08.privateemail.com (Postfix) with ESMTPA;
	Sun, 10 May 2026 13:23:39 -0400 (EDT)
Content-Type: multipart/alternative;
 boundary="----=_NextPart_31112105.491966126978"
MIME-Version: 1.0
Date: Sun, 10 May 2026 20:24:18 +0300
Message-ID: <Mailbird-309b89c0-a445-498c-bfe4-38a447cf3fc0@yuthent.com>
From: "Mohamad Khalil Yossif" <mohamad@yuthent.com>
To: "Rifaat Shekh-Yusef" <rifaat.s.ietf@gmail.com>,
 "" <a0504108486@gmail.com>
In-Reply-To: 
 <CADNypP_AQZyeXHUyHyGqn-RgESqO+=VxJLAZNq=fHwvhbcyNgg@mail.gmail.com>
References: 
 <CADNypP8hgBo9_d5qaM9E0LZmMKhCcr3=PNW+XyXV3FbATVGcNQ@mail.gmail.com>
 <CAF+PL0HBQAH=tTHjwdUT+X3Pgs8+fajbzYdWyn_TR6CuMd3yfA@mail.gmail.com>
 <CADNypP_AQZyeXHUyHyGqn-RgESqO+=VxJLAZNq=fHwvhbcyNgg@mail.gmail.com>
User-Agent: Mailbird/3.0.57.0
X-Mailbird-ID: Mailbird-309b89c0-a445-498c-bfe4-38a447cf3fc0@yuthent.com
X-Virus-Scanned: ClamAV using ClamSMTP
Message-ID-Hash: CLX4ONUD7IUT6WV7GII4VNXC2J7HA4XU
X-Message-ID-Hash: CLX4ONUD7IUT6WV7GII4VNXC2J7HA4XU
X-MailFrom: mohamad@yuthent.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency;
 loop; banned-address; member-moderation; header-match-oauth.ietf.org-0;
 nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size;
 news-moderation; no-subject; digests; suspicious-header
CC: oauth@ietf.org
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: =?utf-8?q?=5BOAUTH-WG=5D_Re=3A_OAuth_WG_Rechartering?=
List-Id: OAUTH WG <oauth.ietf.org>
Archived-At: 
 <https://mailarchive.ietf.org/arch/msg/oauth/vVfe5mutr8KKPyfVi1wGIZmii9c>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Owner: <mailto:oauth-owner@ietf.org>
List-Post: <mailto:oauth@ietf.org>
List-Subscribe: <mailto:oauth-join@ietf.org>
List-Unsubscribe: <mailto:oauth-leave@ietf.org>

------=_NextPart_31112105.491966126978
Content-Type: text/plain;
 charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Rifaat, Hannes, Deb,
Thanks for the proposed text. The new framing =E2=80=94 "as automated agent=
s increasingly act on behalf of users, organizations, or both" =E2=80=94 ca=
ptures an important shift, and I appreciate that the Work Program acknowled=
ges it explicitly under Complex Delegation.
I'd like to ask a scoping question to understand whether a problem space I'=
ve been working on falls inside or outside the rechartered scope, before th=
e telechat.
The Complex Delegation bullet is described as "new mechanisms or/and extens=
ions for identity and authorization chaining to address scenarios where aut=
omated agents act across multiple administrative domains." My reading is th=
at this is principally about chaining the identity and authorization of wor=
kloads as a request traverses domains =E2=80=94 i.e., who is acting and und=
er what delegated grant =E2=80=94 and that the Coordination section reinfor=
ces this by pointing service-to-service and multi-hop workload identity wor=
k toward WIMSE.
What is less clear to me is whether the charter intends to cover execution-=
time authority assurance as a distinct concern: cryptographic evidence, pro=
duced at the moment of a sensitive action, that a specific human (not just =
a valid session or a properly delegated workload) authorized that specific =
action, with the action payload bound to the proof. This is adjacent to del=
egation but operates on a different axis =E2=80=94 it is not about who hold=
s the token or how authority is chained, but about whether the executing pa=
rty can prove human authorization at action time, independent of prior sess=
ion state.
I ask because I authored draft-yossif-psea-01 (Post-Session Execution Assur=
ance), which addresses exactly this gap, and I want to understand whether t=
he natural home for follow-on work in this area is OAuth (under Complex Del=
egation or a future extension), WIMSE, SPICE, or somewhere else entirely. I=
 am not asking the charter to call this out explicitly =E2=80=94 I am askin=
g the chairs and AD how they see the boundary.
Concretely:
* Does Complex Delegation, as currently scoped, contemplate per-action huma=
n authorization proofs bound to the action payload, or is it limited to ide=
ntity/authorization chaining between automated parties?
* If the former is out of scope here, would the chairs see this as WIMSE te=
rritory, SPICE territory, or material for a future BoF?
Apologies if this has been discussed in a venue I missed. Happy to take the=
 answer offline if it is more efficient.
Best regards,

[Mohamad Khalil Yossif]
Mohamad Khalil Yossif
CEO =E2=80=93 Yuthent
Founder =E2=80=93 FitSnitch, Thesis, SwiftCrew, MK Digital, MK Electronics
[Yuthent Logo]
=C2=A0
T: +972 50-931-1103 [tel:+972509311103]
E: mohamad@yuthent.com [mailto:mohamad@yuthent.com]
W: yuthent.com [https://yuthent.com] [LinkedIn] [https://www.linkedin.com/i=
n/mohamad-khalil-yossif-4b9781163/]
=C2=A0
[Yuthent =E2=80=93 Verify the Human] [https://yuthent.com]
This email may contain confidential or sensitive information. If you are no=
t the intended recipient, any review, use, disclosure, distribution, or cop=
ying is prohibited. If you received this message in error, please delete it=
 immediately.
On 10/05/2026 20:07:37, Rifaat Shekh-Yusef <rifaat.s.ietf@gmail.com> wrote:


=E2=80=AAOn Thu, May 7, 2026 at 1:21 PM =E2=80=AB=D7=90=D7=9C=D7=A2=D7=96=
=D7=A8 =D7=A4=D7=95=D7=A7=D7=A1=E2=80=AC=E2=80=8E <a0504108486@gmail.com [m=
ailto:a0504108486@gmail.com]> wrote:=E2=80=AC

Hi Rifaat, Hannes, and Deb,

Thanks for sharing the updated charter. I have a few concrete points regard=
ing boundaries and future scope that might be worth clarifying before the I=
ESG telechat:

1. Coordination with the SPICE WG: Given that the newly formed SPICE WG is =
also tackling selective disclosure and digital credentials (SD-CWT), it wou=
ld be helpful if the OAuth charter explicitly defined the coordination mech=
anisms. We should ensure there's no overlapping work, especially around Met=
adata and Capability Discovery.


I do not think that this needs to be spelled out in the charter.
We already have people that are active on both WGs, and the chairs of both =
working groups contact each other when needed.

2. Future of Identity Chaining: With `draft-ietf-oauth-identity-chaining` n=
earing completion, does the new charter keep the door open for further Work=
load Identity standardization and chaining extensions, or is this particula=
r scope considered complete for now?


No, this does not close the door for future work on this area, if it makes =
sense for that work to be at the OAuth WG.

3. Alignment with W3C VCDM 2.0: Since our work on SD-JWT VC is heavily tied=
 to ecosystems like the EU Digital Identity Wallet, should the charter expl=
icitly mention ongoing alignment and maintenance regarding the W3C VCDM 2.0=
 specifications?


The chairs have close contacts with the EU Wallets initiative with frequent=
 meetings to keep them up to date on the progress we are making on this fro=
nt.
Why do you think we need to explicitly mention the W3C VCDM 2.0 specificati=
ons?

Regards,
Rifaat

Looking forward to the discussion.

Best regards,
Elazar.

=E2=80=AB=D7=91=D7=AA=D7=90=D7=A8=D7=99=D7=9A =D7=99=D7=95=D7=9D =D7=94=D7=
=B3, 7 =D7=91=D7=9E=D7=90=D7=99 2026 =D7=91-19:27 =D7=9E=D7=90=D7=AA =E2=80=
=AARifaat Shekh-Yusef=E2=80=AC=E2=80=8F <=E2=80=AArifaat.s.ietf@gmail.com [=
mailto:rifaat.s.ietf@gmail.com]=E2=80=AC=E2=80=8F>:=E2=80=AC

All,

The OAuth WG chairs and the Security AD (Deb) have been collaborating on a =
proposal to recharter the OAuth WG.
https://datatracker.ietf.org/doc/charter-ietf-oauth/ [https://datatracker.i=
etf.org/doc/charter-ietf-oauth/]

Deb put this on the agenda of the IESG telechat for My 21st.

Please, take a look and let us know if you have any comments.

Regards,
Rifaat & Hannes



_______________________________________________
OAuth mailing list -- oauth@ietf.org [mailto:oauth@ietf.org]
To unsubscribe send an email to oauth-leave@ietf.org [mailto:oauth-leave@ie=
tf.org]

_______________________________________________ OAuth mailing list -- oauth=
@ietf.org To unsubscribe send an email to oauth-leave@ietf.org
------=_NextPart_31112105.491966126978
Content-Type: text/html;
 charset="utf-8"
Content-Transfer-Encoding: quoted-printable

<body><div id=3D"__MailbirdStyleContent" style=3D"font-size: 10pt;font-fami=
ly: Cascadia Code;color: #1A1A1A;text-align: left" dir=3D"ltr">
                                        <p class=3D"font-claude-response-bo=
dy break-words whitespace-normal leading-[1.7]">Rifaat, Hannes, Deb,</p>
<p class=3D"font-claude-response-body break-words whitespace-normal leading=
-[1.7]">Thanks for the proposed text. The new framing =E2=80=94 <em>"as aut=
omated agents increasingly act on behalf of users, organizations, or both"<=
/em> =E2=80=94 captures an important shift, and I appreciate that the Work =
Program acknowledges it explicitly under Complex Delegation.</p>
<p class=3D"font-claude-response-body break-words whitespace-normal leading=
-[1.7]">I'd like to ask a scoping question to understand whether a problem =
space I've been working on falls inside or outside the rechartered scope, b=
efore the telechat.</p>
<p class=3D"font-claude-response-body break-words whitespace-normal leading=
-[1.7]">The Complex Delegation bullet is described as <em>"new mechanisms o=
r/and extensions for identity and authorization chaining to address scenari=
os where automated agents act across multiple administrative domains."</em>=
 My reading is that this is principally about chaining the <strong>identity=
 and authorization of workloads</strong> as a request traverses domains =E2=
=80=94 i.e., who is acting and under what delegated grant =E2=80=94 and tha=
t the Coordination section reinforces this by pointing service-to-service a=
nd multi-hop workload identity work toward WIMSE.</p>
<p class=3D"font-claude-response-body break-words whitespace-normal leading=
-[1.7]">What is less clear to me is whether the charter intends to cover <s=
trong>execution-time authority assurance</strong> as a distinct concern: cr=
yptographic evidence, produced at the moment of a sensitive action, that a =
specific human (not just a valid session or a properly delegated workload) =
authorized that specific action, with the action payload bound to the proof=
. This is adjacent to delegation but operates on a different axis =E2=80=94=
 it is not about who holds the token or how authority is chained, but about=
 whether the executing party can prove human authorization at action time, =
independent of prior session state.</p>
<p class=3D"font-claude-response-body break-words whitespace-normal leading=
-[1.7]">I ask because I authored <code class=3D"bg-text-200/5 border border=
-0.5 border-border-300 text-danger-000 whitespace-pre-wrap rounded-[0.4rem]=
 px-1 py-px text-[0.9rem]">draft-yossif-psea-01</code> (Post-Session Execut=
ion Assurance), which addresses exactly this gap, and I want to understand =
whether the natural home for follow-on work in this area is OAuth (under Co=
mplex Delegation or a future extension), WIMSE, SPICE, or somewhere else en=
tirely. I am not asking the charter to call this out explicitly =E2=80=94 I=
 am asking the chairs and AD how they see the boundary.</p>
<p class=3D"font-claude-response-body break-words whitespace-normal leading=
-[1.7]">Concretely:</p>
<ol class=3D"[li_&amp;]:mb-0 [li_&amp;]:mt-1 [li_&amp;]:gap-1 [&amp;:not(:l=
ast-child)_ul]:pb-1 [&amp;:not(:last-child)_ol]:pb-1 list-decimal flex flex=
-col gap-1 pl-8 mb-3">
<li class=3D"font-claude-response-body whitespace-normal break-words pl-2">=
Does Complex Delegation, as currently scoped, contemplate per-action human =
authorization proofs bound to the action payload, or is it limited to ident=
ity/authorization chaining between automated parties?</li>
<li class=3D"font-claude-response-body whitespace-normal break-words pl-2">=
If the former is out of scope here, would the chairs see this as WIMSE terr=
itory, SPICE territory, or material for a future BoF?</li>
</ol>
<p class=3D"font-claude-response-body break-words whitespace-normal leading=
-[1.7]">Apologies if this has been discussed in a venue I missed. Happy to =
take the answer offline if it is more efficient.</p>
<p class=3D"font-claude-response-body break-words whitespace-pre-wrap leadi=
ng-[1.7]">Best regards,</p><div><br></div><div class=3D"mb_sig">
<footer><table dir=3D"ltr" cellpadding=3D"0" cellspacing=3D"0" border=3D"0"=
 style=3D"direction: ltr !important;unicode-bidi: embed;font-family: Arial,=
 sans-serif;font-size: 14px;color: #000000;max-width: 600px;width: 100%;bor=
der-collapse: collapse;text-align: left">
    <tbody>
        <tr>
            <td style=3D"padding: 10px 0; text-align: left;">
                <table dir=3D"ltr" cellpadding=3D"0" cellspacing=3D"0" bord=
er=3D"0" width=3D"100%" style=3D"direction: ltr !important;">
                    <tbody><tr>
                        <td valign=3D"middle" style=3D"font-family: Arial, =
sans-serif; text-align: left;">
                            <table dir=3D"ltr" cellpadding=3D"0" cellspacin=
g=3D"0" border=3D"0" style=3D"direction: ltr !important;">
                                <tbody><tr>
                                    <td style=3D"padding-right: 15px; text-=
align: left;">
                                        <img src=3D"https://yuthent.com/pub=
lic/assets/profile.jpg" width=3D"60" height=3D"60" alt=3D"Mohamad Khalil Yo=
ssif" style=3D"display: block; border-radius: 50%; width: 60px; height: 60p=
x; border: 0;"></img>
                                    </td>
                                    <td style=3D"font-family: Arial, sans-s=
erif; line-height: 1.2; text-align: left;">
                                        <div style=3D"font-size: 18px;font-=
weight: bold;color: #002b5c">Mohamad Khalil Yossif</div>
                                        <div style=3D"font-size: 13px;color=
: #333333;margin-top: 2px">CEO =E2=80=93 Yuthent</div>
                                        <div style=3D"font-size: 11px;color=
: #777777;margin-top: 2px">Founder =E2=80=93 FitSnitch, Thesis, SwiftCrew, =
MK Digital, MK Electronics</div>
                                    </td>
                                </tr>
                            </tbody></table>
                        </td>
                        <td align=3D"right" valign=3D"middle" style=3D"text=
-align: right;">
                            <img src=3D"https://yuthent.com/assets/logo.png=
" width=3D"90" height=3D"90" alt=3D"Yuthent Logo" style=3D"display: inline-=
block; width: 90px; height: 90px; border: 0;"></img>
                        </td>
                    </tr>
                </tbody></table>
            </td>
        </tr>
        <tr>
            <td style=3D"border-top: 1px solid #d9d9d9;font-size: 1px;line-=
height: 1px" height=3D"1">&nbsp;</td>
        </tr>
        <tr>
            <td style=3D"padding: 10px 0; text-align: left;">
                <table dir=3D"ltr" cellpadding=3D"0" cellspacing=3D"0" bord=
er=3D"0" width=3D"100%" style=3D"direction: ltr !important;">
                    <tbody><tr>
                        <td style=3D"font-family: Arial, sans-serif;font-si=
ze: 13px;color: #333333;line-height: 1.5;text-align: left">
                            <strong>T:</strong> <a href=3D"tel:+97250931110=
3" style=3D"color: #002b5c; text-decoration: none;">+972 50-931-1103</a><br>
                            <strong>E:</strong> <a href=3D"mailto:mohamad@y=
uthent.com" style=3D"color: #002b5c; text-decoration: none;">mohamad@yuthen=
t.com</a><br>
                            <strong>W:</strong> <a href=3D"https://yuthent.=
com" style=3D"color: #002b5c; text-decoration: none;">yuthent.com</a>
                        </td>
                        <td align=3D"right" valign=3D"middle" style=3D"text=
-align: right;">
                            <a href=3D"https://www.linkedin.com/in/mohamad-=
khalil-yossif-4b9781163/" style=3D"text-decoration: none;">
                                <img src=3D"https://cdn-icons-png.flaticon.=
com/512/174/174857.png" width=3D"24" height=3D"24" alt=3D"LinkedIn" style=
=3D"border-radius: 4px; border: 0;"></img>
                            </a>
                        </td>
                    </tr>
                </tbody></table>
            </td>
        </tr>
        <tr>
            <td style=3D"border-top: 1px solid #d9d9d9;font-size: 1px;line-=
height: 1px" height=3D"1">&nbsp;</td>
        </tr>
        <tr>
            <td style=3D"padding-top: 10px; text-align: left;">
                <a href=3D"https://yuthent.com" style=3D"text-decoration: n=
one;">
                    <img src=3D"https://yuthent.com/public/assets/banner.jp=
g" width=3D"600" alt=3D"Yuthent =E2=80=93 Verify the Human" style=3D"displa=
y: block; width: 100%; max-width: 600px; border: 0;"></img>
                </a>
            </td>
        </tr>
        <tr>
            <td style=3D"padding-top: 10px;font-family: Arial, sans-serif;f=
ont-size: 10px;color: #888888;line-height: 1.4;text-align: left">
                This email may contain confidential or sensitive informatio=
n. If you are not the intended recipient, any review, use, disclosure, dist=
ribution, or copying is prohibited. If you received this message in error, =
please delete it immediately.
            </td>
        </tr>
    </tbody>
</table></footer></div><blockquote class=3D'history_container' type=3D'cite=
' style=3D'border-left-style:solid;border-width:1px; margin-top:20px; margi=
n-left:0px;padding-left:10px;'>
                        <p style=3D'color: #AAAAAA; margin-top: 10px;'>On 1=
0/05/2026 20:07:37, Rifaat Shekh-Yusef &lt;rifaat.s.ietf@gmail.com&gt; wrot=
e:</p><div style=3D'font-family:Arial,Helvetica,sans-serif'><div dir=3D"ltr=
"><div dir=3D"ltr"><div><br></div></div><br><div class=3D"gmail_quote gmail=
_quote_container"><div dir=3D"ltr" class=3D"gmail_attr">=E2=80=AAOn Thu, Ma=
y 7, 2026 at 1:21=E2=80=AFPM =E2=80=AB=D7=90=D7=9C=D7=A2=D7=96=D7=A8 =D7=A4=
=D7=95=D7=A7=D7=A1=E2=80=AC=E2=80=8E &lt;<a href=3D"mailto:a0504108486@gmai=
l.com">a0504108486@gmail.com</a>&gt; wrote:=E2=80=AC<br></div><blockquote c=
lass=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px soli=
d rgb(204,204,204);padding-left:1ex"><div dir=3D"rtl">Hi Rifaat, Hannes, an=
d Deb,<br><br>Thanks for sharing the updated charter. I have a few concrete=
 points regarding boundaries and future scope that might be worth clarifyin=
g before the IESG telechat:<br><br>1. Coordination with the SPICE WG: Given=
 that the newly formed SPICE WG is also tackling selective disclosure and d=
igital credentials (SD-CWT), it would be helpful if the OAuth charter expli=
citly defined the coordination mechanisms. We should ensure there&#39;s no =
overlapping work, especially around Metadata and Capability Discovery.<br><=
br></div></blockquote><div>I do not think that this needs to be spelled out=
 in the charter.</div><div>We already have people that are active on both W=
Gs, and the chairs of both working groups contact each other when needed.</=
div><div><br></div><div>=C2=A0</div><blockquote class=3D"gmail_quote" style=
=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding=
-left:1ex"><div dir=3D"rtl">2. Future of Identity Chaining: With `draft-iet=
f-oauth-identity-chaining` nearing completion, does the new charter keep th=
e door open for further Workload Identity standardization and chaining exte=
nsions, or is this particular scope considered complete for now?<br><br></d=
iv></blockquote><div>No, this does not close the door for future work on th=
is area, if it makes sense for that work to be at the OAuth WG.</div><div><=
br></div><div>=C2=A0</div><blockquote class=3D"gmail_quote" style=3D"margin=
:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"=
><div dir=3D"rtl">3. Alignment with W3C VCDM 2.0: Since our work on SD-JWT =
VC is heavily tied to ecosystems like the EU Digital Identity Wallet, shoul=
d the charter explicitly mention ongoing alignment and maintenance regardin=
g the W3C VCDM 2.0 specifications?<br><br></div></blockquote><div>The chair=
s have close contacts with the EU Wallets initiative with frequent meetings=
 to keep them up to date on the progress we are making on this front.</div>=
<div>Why do you think we need to explicitly=C2=A0mention the=C2=A0W3C VCDM =
2.0 specifications?</div><div><br></div><div>Regards,</div><div>=C2=A0Rifaa=
t</div><div><br></div><div>=C2=A0</div><blockquote class=3D"gmail_quote" st=
yle=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padd=
ing-left:1ex"><div dir=3D"rtl">Looking forward to the discussion.<br><br>Be=
st regards,<br>Elazar.</div><br><div class=3D"gmail_quote"><div dir=3D"rtl"=
 class=3D"gmail_attr">=E2=80=AB=D7=91=D7=AA=D7=90=D7=A8=D7=99=D7=9A =D7=99=
=D7=95=D7=9D =D7=94=D7=B3, 7 =D7=91=D7=9E=D7=90=D7=99 2026 =D7=91-19:27 =D7=
=9E=D7=90=D7=AA =E2=80=AARifaat Shekh-Yusef=E2=80=AC=E2=80=8F &lt;=E2=80=AA=
<a href=3D"mailto:rifaat.s.ietf@gmail.com" target=3D"_blank">rifaat.s.ietf@=
gmail.com</a>=E2=80=AC=E2=80=8F&gt;:=E2=80=AC<br></div><blockquote class=3D=
"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(2=
04,204,204);padding-left:1ex"><div dir=3D"ltr"><div dir=3D"ltr">All,<div><b=
r></div><div>The OAuth WG chairs and the Security AD (Deb) have been collab=
orating on a proposal to recharter the OAuth WG.</div><div><a href=3D"https=
://datatracker.ietf.org/doc/charter-ietf-oauth/" target=3D"_blank">https://=
datatracker.ietf.org/doc/charter-ietf-oauth/</a></div><div><br></div><div>D=
eb put this on the agenda of the IESG telechat for <b>My 21st</b>.</div><di=
v><br></div><div>Please, take a look and let us know if you have any commen=
ts.</div><div><br></div><div>Regards,</div><div>=C2=A0Rifaat &amp; Hannes</=
div><div><br></div><div><br></div><div><br></div></div>
</div>
_______________________________________________<br>
OAuth mailing list -- <a href=3D"mailto:oauth@ietf.org" target=3D"_blank">o=
auth@ietf.org</a><br>
To unsubscribe send an email to <a href=3D"mailto:oauth-leave@ietf.org" tar=
get=3D"_blank">oauth-leave@ietf.org</a><br>
</blockquote></div>
</blockquote></div></div>
_______________________________________________
OAuth mailing list -- oauth@ietf.org
To unsubscribe send an email to oauth-leave@ietf.org
</div></blockquote>
                                        </div></body>
------=_NextPart_31112105.491966126978--

