1. Summary
The document shepherd is Yaron Sheffer. The responsible Area Director is Ben
Kaduk.
This document defines an HTTP push-based protocol for delivery of Security
Event Tokens (SETs, RFC 8417). This is one of the two options the working group
is working on: push- vs. poll-based delivery.
2. Review and Consensus
The protocol is a simple and straightforward way to transmit SETs, and the
working group supports it. Since we only have a small core of active
participants, we ran into a problem while requesting formal indication of
support, but eventually received enough messages in favor of publication to
demonstrate consensus.
I have reviewed the document for this write-up, and my comments were
incorporated into version -06 of the draft.
In addition there are multiple implementations, including one in production by
Google (https://developers.google.com/identity/risc).
3. Intellectual Property
Each author has confirmed conformance with BCP 78/79. There are no IPR
disclosures on the document.
4. Other Points
There is a normative downref to the obsolete RFC 5246, "TLS 1.2", which is
appropriate in this specific context.