@techreport{hardt-aauth-bootstrap-01, number = {draft-hardt-aauth-bootstrap-01}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-hardt-aauth-bootstrap/01/}, author = {Dick Hardt}, title = {{AAuth Bootstrap Guidance}}, pagetotal = 17, year = 2026, month = may, day = 6, abstract = {This document provides informational guidance for agent providers (APs) on enrolling agents and issuing AAuth agent tokens defined in {[}I-D.hardt-oauth-aauth-protocol{]}. It covers per-platform key handling, optional platform attestation, agent identifier strategies, and refresh patterns. The mechanisms described here are not normative protocol — they are common patterns that interoperable AP implementations can adopt or adapt.}, }