OAuth Session 2 at IETF 123

IETF 123 Madrid

July 25, 2025

Fri

Castilla

Chairs update – Rifaat/Hannes (5 min)
Token Status List – Tobias/Paul/Christian (10 min)
- https://datatracker.ietf.org/doc/draft-ietf-oauth-status-list/
Attestation-Based Client Authentication - Tobias/Paul/Christian (20 min)
- https://datatracker.ietf.org/doc/draft-ietf-oauth-attestation-based-client-auth/
Transaction Tokens - Brian (10 min)
- https://datatracker.ietf.org/doc/draft-ietf-oauth-transaction-tokens/
OAuth 2.0 Refresh Token and Consent Expiration - Nick Watson (15 min)
- https://datatracker.ietf.org/doc/draft-watson-oauth-refresh-token-expiration/
App2App Browserless Flow - Yaron Zehavi (10 min)
- https://datatracker.ietf.org/doc/draft-zehavi-oauth-app2app-browserless/
OAuth 2.0 client extension claims - Jeff Lombardo (10 min)
- https://github.com/identitymonk/draft-lombardo-oauth-client-extension-claims
OAuth 2.0 Step-Up Authorization Challenge Protocol - Jeff Lombardo (10 min)
- https://github.com/identitymonk/draft-lombardo-oauth-step-up-authz-challenge-proto
Pushed Client Registration - Justin (10 min)
- https://www.ietf.org/archive/id/draft-richer-oauth-pushed-client-registration-00.html
Deferred Key Binding - Justin/Brian (10 min)
- https://datatracker.ietf.org/doc/draft-richer-oauth-tmb-claim/

#ietf