02-26, 12:00–12:30 (UTC), Kaldalón
The Grant Negotiation and Authorization Protocol (GNAP) is officially an RFC, let's look at how we got here and what the future holds.
GNAP was proposed as a delegation protocol that would apply the lessons learned from a decade of OAuth experience and allow expansion into new use cases underserved by OAuth. Now that GNAP is an RFC, we'll look back at its journey, look around to its influence on the community, and look forward to its future.
Justin Richer is a security architect, software engineer, standards editor, and systems designer with over two decades of industry experience. He is the lead author of OAuth2 In Action and contributor to OAuth 2.0 and OpenID Connect. Justin is the editor of a variety of standards including GNAP, HTTP Message Signatures, and OAuth extensions RFC7591, RFC7592, RFC7662, and RFC9396. Justin is a co-author to NIST SP 800-63, FIPS201, and NIST SP 800-217.