@techreport{hardt-oauth-aauth-protocol-01,
    number =    {draft-hardt-oauth-aauth-protocol-01},
    type =      {Internet-Draft},
    institution =   {Internet Engineering Task Force},
    publisher = {Internet Engineering Task Force},
    note =      {Work in Progress},
    url =       {https://datatracker.ietf.org/doc/draft-hardt-oauth-aauth-protocol/01/},
    author =    {Dick Hardt},
    title =     {{AAuth Protocol}},
    pagetotal = 109,
    year =      2026,
    month =     may,
    day =       6,
    abstract =  {This document defines the AAuth authorization protocol for agent-to- resource authorization and identity claim retrieval. The protocol supports four resource access modes — identity-based, resource- managed (two-party), PS-asserted (three-party), and federated (four- party) — with agent governance as an orthogonal layer. It builds on the HTTP Signature Keys specification ({[}I-D.hardt-httpbis-signature-key{]}) for HTTP Message Signatures and key discovery.},
}