From e362807e3f966cffe9706be9a2fdd493f83f20f8 Mon Sep 17 00:00:00 2001 From: ysheffer Date: Sun, 13 Oct 2024 18:54:52 +0300 Subject: [PATCH 1/2] Changelog for draft -01 --- draft-ietf-wimse-s2s-protocol.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/draft-ietf-wimse-s2s-protocol.md b/draft-ietf-wimse-s2s-protocol.md index e72dd00..a47f647 100644 --- a/draft-ietf-wimse-s2s-protocol.md +++ b/draft-ietf-wimse-s2s-protocol.md @@ -586,6 +586,15 @@ TODO: `Workload-Proof-Token` from {{dpop-esque-auth}} # Document History RFC Editor: please remove before publication. +## draft-ietf-wimse-s2s-protocol-01 + +* Addressed multiple comments from Pieter. +* Clarified "trust domain" and "workload identifier". +* Much more detail around mTLS, including some normative language. +* WIT (the identity token) is now included in the WPT proof of possession. +* Added a section comparing the DPoP-inspired app-level security option to +the Message Signature-based alternative. + ## draft-ietf-wimse-s2s-protocol-00 * Initial WG draft, an exact copy of draft-sheffer-wimse-s2s-protocol-00 From 97319c8aa12393224f6ee6ab653baeb62e5caa36 Mon Sep 17 00:00:00 2001 From: ysheffer Date: Sun, 13 Oct 2024 19:01:26 +0300 Subject: [PATCH 2/2] Editorial --- draft-ietf-wimse-s2s-protocol.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/draft-ietf-wimse-s2s-protocol.md b/draft-ietf-wimse-s2s-protocol.md index a47f647..74d374d 100644 --- a/draft-ietf-wimse-s2s-protocol.md +++ b/draft-ietf-wimse-s2s-protocol.md 
@@ -589,7 +589,8 @@ TODO: `Workload-Proof-Token` from {{dpop-esque-auth}} ## draft-ietf-wimse-s2s-protocol-01 * Addressed multiple comments from Pieter. -* Clarified "trust domain" and "workload identifier". +* Clarified WIMSE identity concepts, specifically "trust domain" +and "workload identifier". * Much more detail around mTLS, including some normative language. * WIT (the identity token) is now included in the WPT proof of possession. * Added a section comparing the DPoP-inspired app-level security option to
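Review bot: In the [PATCH 1/2] hunk at `@@ -586,6 +586,15 @@`, the bullets "Much more detail around mTLS, including some normative language." and "WIT (the identity token) is now included in the WPT proof of possession." announce changes that go beyond editorial, but neither says which section changed. Someone who implemented -00 has to diff the whole draft to find the new requirements. Suggest adding a section reference to each of these two bullets, and replacing "Addressed multiple comments from Pieter." with the specific changes or a pointer to where the comments are recorded. A smaller style point: the wrapped line "the Message Signature-based alternative." starts at column 0 and stays part of its bullet only through Markdown lazy continuation, so indenting it two spaces would make the list structure explicit.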
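Review bot: The [PATCH 2/2] hunk at `@@ -589,7 +589,8 @@` only rewords the bullet `* Clarified "trust domain" and "workload identifier".`, which was introduced by patch 1/2 of the same series, so the two commits could be squashed to give the -01 changelog a single entry in history. If the patch stays separate, the new continuation line `and "workload identifier".` starts at column 0 like the wrapped bullet below it. Indenting both continuation lines by two spaces would keep them visibly attached to their bullets in the source.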