Wasn't there at the meeting but George's comments definitively resonates with all the articles and content I see published online lately. Couldn't agree more...
./\. On Mon, Mar 16, 2026 at 12:42 PM Dick Hardt <[email protected]> wrote: > +1 > > On Mon, Mar 16, 2026 at 12:57 PM <[email protected]> wrote: > >> On Monday at the OAuth meeting for IETF 125 a number of AI related >> proposals were made to extend existing OAuth mechanisms in different ways. >> However, it seemed to me that there was overlap in the desired goals across >> these proposals and I’m wondering if for the AI space we need to take a >> step back and define the desired requirements before making spec level >> proposals. Just in what was presented, there is fragmentations and this >> doesn’t include a number of other proposals that have been made (either to >> IETF or otherwise) but were not presented. >> >> General topics that seem to come up frequently: >> * identifiers - instance, owner, version, … >> * fine-grained authorization - RAR, scope extensions, transaction tokens, >> … >> * delegated authorization - delegation chain, delegation capabilities, >> on-behalf-of, for-the-benefit-of, … >> * context & intent - transformation of original intent for specific >> delegation task, ... >> * consent - levels of delegation before consent is required, back channel >> consent, … >> * privacy - >> >> I’m sure there are more. I know it takes more time, but I believe we >> should address these issues holistically rather than on a spec by spec >> basis. >> >> Thanks, >> George >> >> George Fletcher >> Identity Standards Architect >> Practical Identity LLC >> >> >> >> _______________________________________________ >> OAuth mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> > _______________________________________________ > OAuth mailing list -- [email protected] > To unsubscribe send an email to [email protected] > -- Alex Babeanu Lead Product Manager AI Control Suite [image: mobilePhone] +1 604 728 8130 [image: emailAddress] <https://mail.google.com/mail/u/0/goog_101932960> [email protected] [image: website] www.indykite.com [image: linkedin] <https://www.linkedin.com/in/ababeanu/>
_______________________________________________ OAuth mailing list -- [email protected] To unsubscribe send an email to [email protected]
