I use this GitHub account for identity standards work. See my Identity 2.0 talk from OSCON 2005 for context.
- OAuth 2.1 — Consolidates OAuth 2.0 best practices into a single specification
- JWT BCP — Updated best current practices for JSON Web Tokens
- Email Verification Protocol — Verify email ownership without sending email
- Agent Auth — Authentication for AI agents
- HTTP Redirect Headers — Secure parameter passing in HTTP redirects
- HTTP Signature-Key — Distribute public keys for HTTP Message Signatures
- Email Verification Protocol — Browser API for email verification
- IPSIE — Interoperability profiles for enterprise identity
- Enterprise Extensions — Enterprise extensions for OpenID Connect
- Provider Commands — Commands for user lifecycle management
- Key Binding — Proof of possession for ID tokens