Javascript disabled? Like other modern websites, the IETF Datatracker relies on Javascript. Please enable Javascript for full functionality.

AAuth Protocol
draft-hardt-aauth-protocol-02

Versions:

This document is an Internet-Draft (I-D). Anyone may submit an I-D to the IETF. This I-D is not endorsed by the IETF and has no formal standing in the IETF standards process.

Document	Type	Replaced Internet-Draft (individual) Expired & archived
	Author	Dick Hardt
	Last updated	2026-04-28
	Replaced by	draft-hardt-oauth-aauth-protocol
	RFC stream	(None)
	Intended RFC status	(None)
	Formats	txt html xml htmlized bibtex bibxml
Stream	Stream state	(No stream defined)
	Consensus boilerplate	Unknown
	RFC Editor Note	(None)
IESG	IESG state	Replaced by draft-hardt-oauth-aauth-protocol
	Telechat date	(None)
	Responsible AD	(None)
	Send notices to	(None)

Email authors IPR References Referenced by Nits Search email archive

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:

txt html xml htmlized bibtex bibxml

Abstract

This document defines the AAuth authorization protocol for agent-to- resource authorization and identity claim retrieval. The protocol supports four resource access modes — identity-based, resource- managed (two-party), PS-managed (three-party), and federated (four- party) — with agent governance as an orthogonal layer. It builds on the HTTP Signature Keys specification ([I-D.hardt-httpbis-signature-key]) for HTTP Message Signatures and key discovery.

Authors

Dick Hardt

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)

AAuth Protocol draft-hardt-aauth-protocol-02

AAuth Protocol
draft-hardt-aauth-protocol-02