Client attestation and posture #44
Comments
|
As per a comment during IETF110, see https://tools.ietf.org/html/draft-ietf-rats-eat-09 |
|
I would love to see a way to be able to integrate support for Apple's App Attestation for example. https://developer.apple.com/documentation/devicecheck/validating_apps_that_connect_to_your_server Note to self to look at the OAuth Assertion Framework for this. |
|
Might want to also look at https://www.ietf.org/archive/id/draft-ietf-acme-client-04.html |
|
Client attestation has come up on the https://github.com/w3c-ccg/vc-api context; and GNAP is being considered as an authorization protocol - so having a place for a client to provide its qualifications to act as a client to the AS will be important. Sorry this is vague - I don't want to presume an implementation yet, just highlighting it remains an important extension point for at least one use case. |
§2.3 Identifying the RC: Editor's note:
Additional client attestation frameworks will eventually need to be addressed here. For example, the organization the client represents, or a family of client software deployed in a cluster, or the posture of the device the client is installed on. These all need to be separable from the client's key and potentially the instance identifier.
The text was updated successfully, but these errors were encountered: