{"$schema": "https://c3voc.de/schedule/schema.json", "generator": {"name": "pretalx", "version": "2025.2.2"}, "schedule": {"url": "https://talks.secworkshop.events/osw2026/schedule/", "version": "0.1", "base_url": "https://talks.secworkshop.events", "conference": {"acronym": "osw2026", "title": "OAuth Security Workshop 2026", "start": "2026-05-27", "end": "2026-05-29", "daysCount": 3, "timeslot_duration": "00:05", "time_zone_name": "Europe/Berlin", "colors": {"primary": "#033888"}, "rooms": [{"name": "Arena", "slug": "7-arena", "guid": "765d3d53-15b4-51ec-ac07-ebd89ce206f4", "description": "-", "capacity": null}, {"name": "Work Lab I", "slug": "9-work-lab-i", "guid": "42e58f53-5318-512b-bd58-45b99fa04ab8", "description": "-", "capacity": null}, {"name": "Work Lab II", "slug": "10-work-lab-ii", "guid": "32048fe3-e9ef-5629-bc96-a8d70109a2c5", "description": "-", "capacity": null}, {"name": "Eatery", "slug": "8-eatery", "guid": "085a3a5f-f5f2-5531-acf1-0393effa0039", "description": "-", "capacity": null}], "tracks": [{"name": "Session", "slug": "3-session", "color": "#00831C"}], "days": [{"index": 1, "date": "2026-05-27", "day_start": "2026-05-27T04:00:00+02:00", "day_end": "2026-05-28T03:59:00+02:00", "rooms": {"Arena": [{"guid": "0063207e-bb01-569c-b342-bab269c788a1", "code": "NRXU93", "id": 54, "logo": null, "date": "2026-05-27T09:30:00+02:00", "start": "09:30", "duration": "00:30", "room": "Arena", "slug": "osw2026-54-iam-for-ai-from-eh-i-to-i-am", "url": "https://talks.secworkshop.events/osw2026/talk/NRXU93/", "title": "IAM for AI: From \"Eh, I?\" to \"I am.\"", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "A pragmatic look at \"IAM for AI,\" showing how familiar tools like OAuth, and emerging work such as CIMD and ID-JAG, can meet AI\u2019s needs without inciting revolution.", "description": "Comparable only to seismic shifts like the Industrial Revolution or the rise of the Internet, the emergence of artificial intelligence is unquestionably transformative. But does it really demand an equally radical upheaval in IAM standards and technology? With the seemingly endless parade of prophets and profiteers declaring the revolution imminent and assuring us that they alone can lead it, you might think so.\r\nThe reality might be less dramatic and more practical. Many of the core challenges of 'IAM for AI' look pretty familiar. Regular old OAuth is already well suited to a surprising amount of AI systems' needs, and emerging efforts like CIMD and ID-JAG seem poised to fill in some of the gaps. It may be that our existing IAM foundation can rise to the occasion, or that our expectations can be tempered to meet the moment.\r\nJoin a curmudgeonly pragmatist and occasional OSW contributor on a journey from 'Eh, I?' to 'I am.' without inciting revolution.", "recording_license": "", "do_not_record": false, "persons": [{"code": "RUNRDN", "name": "Brian Campbell", "avatar": "https://talks.secworkshop.events/media/avatars/RUNRDN_LDjWscH.webp", "biography": "As a Distinguished Engineer for Ping Identity, Brian aspires to one day know what a Distinguished Engineer actually does for a living. In the meantime, he's tried to make himself useful with little things like designing and building much of PingFederate, the product that put Ping Identity on the map. When not making himself useful, he tries to build his legacy by sneaking his name onto technical documents that few people will ever actually read, including some identity and security standards in the IETF and OpenID Foundation. He holds a B.A., magna cum laude, in Computer Science from Amherst College in Massachusetts. Despite spending four years in the state, he has to look up how to spell \"Massachusetts\" every time he writes it.", "public_name": "Brian Campbell", "guid": "0b908101-79fd-55cb-9e44-8d05f0c54b8f", "url": "https://talks.secworkshop.events/osw2026/speaker/RUNRDN/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/NRXU93/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/NRXU93/", "attachments": []}, {"guid": "0c33c627-e788-5427-bcdb-73960f58aa5c", "code": "U8BJ3B", "id": 60, "logo": null, "date": "2026-05-27T10:00:00+02:00", "start": "10:00", "duration": "00:30", "room": "Arena", "slug": "osw2026-60-scaling-workload-identity-lifecycle-management-with-standards", "url": "https://talks.secworkshop.events/osw2026/talk/U8BJ3B/", "title": "Scaling Workload Identity Lifecycle Management with Standards", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "This session shares real world lessons learnt and gaps identified from using SPIFFE, OAuth 2.0, and mTLS to automate identity lifecycle management, OAuth client registration, sender-constrain tokens and eradicate secrets.", "description": "Enterprises are drowning in machine identities across clouds, clusters, and AI agents. Teams fight secret sprawl, brittle client provisioning causes outages, and manual lifecycle management can\u2019t keep up with the pace of ephemeral workloads.\r\n\r\nThis session bridges the gap between standards and implementation. First, we will provide a primer on the evolving workload identity landscape, reviewing foundational initiatives like SPIFFE, active working groups like WIMSE and new work in OAuth that are foundational to building a modern, secure, scalable and automated NHI lifecycle management.\r\n\r\nNext, we will present a deep-dive into how Signicat built SWIM (Signicat Workload Identity in\u2011Mesh), a fully automated non\u2011human identity (NHI) lifecycle system using open standards. SWIM combines SPIFFE, OAuth 2.0, and mTLS with a service mesh to automate identity lifecycle management, OAuth client registration, and sender-constrained tokens.\r\n\r\nBy combining a standards overview with a real-world implementation, we offer a complete story. You'll leave with hard-won lessons and a practical blueprint to move from client-secret chaos to an automated, standards-based NHI lifecycle that removes developer friction and gives identity teams verifiable, auditable control.", "recording_license": "", "do_not_record": false, "persons": [{"code": "3HBYCY", "name": "Pieter Kasselman", "avatar": "https://talks.secworkshop.events/media/avatars/3HBYCY_T9zM0PZ.webp", "biography": "Pieter Kasselman is an Identity Enthusiast, focused on standards based identity products. Pieter has over 25 years' experience as a technologist and engineer, working on bringing new technologies and business models to market. Pieter's first encounter with identity was his final year project which used neural networks to identify users based on typing patterns. Since then he worked in a number of roles as an information security analyst, software engineer and program manager in industries that include finance, software, silicon and cloud. His diverse background gives him a unique perspective of the importance of identity and the role of identity standards as both a business enabler and the first line of defence for.", "public_name": "Pieter Kasselman", "guid": "760eb59d-d805-5238-99ee-14916d3b8f66", "url": "https://talks.secworkshop.events/osw2026/speaker/3HBYCY/"}, {"code": "97QADT", "name": "Dag Sneeggen", "avatar": "https://talks.secworkshop.events/media/avatars/IMG202405271752352_OrhdA8f.jpg", "biography": "", "public_name": "Dag Sneeggen", "guid": "49e83218-cccf-5d07-be62-c475816f1beb", "url": "https://talks.secworkshop.events/osw2026/speaker/97QADT/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/U8BJ3B/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/U8BJ3B/", "attachments": []}, {"guid": "694f0e4f-91b0-592c-9e7d-8d45247e3f0b", "code": "MXUFYW", "id": 61, "logo": null, "date": "2026-05-27T11:00:00+02:00", "start": "11:00", "duration": "00:30", "room": "Arena", "slug": "osw2026-61-experience-report-from-implementing-openid4vc-issuance-and-presentation-specifications-in-norway", "url": "https://talks.secworkshop.events/osw2026/talk/MXUFYW/", "title": "Experience report from implementing OpenID4VC issuance and presentation specifications in Norway", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "We have been implementing and testing VC specifications on with for the last 3 years. We have also started testing against the government-hosted playground for trust infrastructure in Norway. Come to hear about lessons learned and spec feedback", "description": "My company has been eagerly following the development of specifications for both verifiable credential issuance and presentation. We have implemented playground software in which we enable testing with user-supplied data to construct somewhat realistic credentials. In this session I will walk through how my team as implementers have experienced the draft process of OpenID specs, ISO specs and the EU reference framework.\r\n\r\nTo get a structured feedback, I present the qualitative results of interviews with engineers who have spent the last three years implementing and testing these standards. The goals of the interviews is to get deeper insight into the following items: lessons learned, implementation challenges and reflections about data formats. Feedbacks include real-world experiences from deploying specs at customer's sites in Norway.", "recording_license": "", "do_not_record": false, "persons": [{"code": "RYA38P", "name": "Elias Botterli S\u00f8rensen", "avatar": "https://talks.secworkshop.events/media/avatars/RYA38P_RWc4DZ7.webp", "biography": "I have been working closely with OAuth 2.0, OpenID connect and other IAM-related specifications since 2018. Last year I also started diving into the verifiable credentials specifications that are relevant in the eIDAS 2.0 & EUDI standards that will be launched in Europe in the next few years. I am passionate about the complexities and values involved with digital identity technologies and feel very excited for what is coming.", "public_name": "Elias Botterli S\u00f8rensen", "guid": "de106b40-d370-5fe5-8b62-9a5fee1fdea3", "url": "https://talks.secworkshop.events/osw2026/speaker/RYA38P/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/MXUFYW/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/MXUFYW/", "attachments": []}, {"guid": "ba796141-47a1-5f84-8258-b76431fbcd19", "code": "Q3BFZL", "id": 68, "logo": null, "date": "2026-05-27T11:30:00+02:00", "start": "11:30", "duration": "00:30", "room": "Arena", "slug": "osw2026-68-progress-report-on-handling-an-actionable-security-vulnerability", "url": "https://talks.secworkshop.events/osw2026/talk/Q3BFZL/", "title": "Progress Report on Handling an Actionable Security Vulnerability", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "University of Stuttgart security researchers discovered an actionable security vulnerability in mid-2024 in the audience values used for JWT Client Authentication. This presentation will delve into the details of what happened next and why.", "description": "The fourth and final Implementer\u2019s Draft of the OpenID Federation specification was completed on May 31, 2024.  Security researchers at the University of Stuttgart conducted a security analysis of it for the OpenID Foundation in mid-2024 and discovered an actionable security vulnerability.  The vulnerability was due to recommendations about the audience values of Client Authentication JWTs, and affected many OAuth and OpenID specifications.  This vulnerability was reported to the OpenID Foundation on September 20, 2024.\r\n\r\nThis presentation will go into the details of what happened after that and why things unfolded the way they did (and in some cases, still are), and what we can learn as a result.  Topics I\u2019ll discuss include:\r\n\r\n  - the OpenID Foundation notifying FAPI ecosystems that we determined were vulnerable and the actions they took as a result,\r\n  - the invitation-only meeting of spec authors and OAuth chairs at the November 2024 IETF meeting in Dublin to discuss the vulnerability, and the conclusions reached there,\r\n  - the semi-private disclosure of the vulnerability at an OAuth interim meeting on January 27, 2025,\r\n  - the public disclosure of the vulnerability by the OpenID Foundation on February 25, 2025,\r\n  - the effect that the vulnerability had on the OpenID Federation specification,\r\n  - the effect that the vulnerability had on the FAPI 2 specification,\r\n  - the resulting errata work on the OpenID Core, OpenID CIBA Core, and FAPI 1 specifications,\r\n  - the updates being made to RFC 7523 (JWT Client Authentication and Authorization Grants), RFC 7521 (Generic OAuth 2.0 Client Authentication and Authorization Grants), RFC 7522 (SAML Client Authentication and Authorization Grants), and RFC 9126 (Pushed Authorization Requests),\r\n  - the updates not made to RFC 9101 (JAR),\r\n  - the updates not made to RFC 9700 (OAuth Security BCP),\r\n  - the status of rfc7523bis and draft-wuertele-oauth-security-topics-update (which are updating the affected OAuth specifications),\r\n  - what remains to do,\r\n  - thoughts on why this has all taken as long as it has, and\r\n  - what lessons we can learn.", "recording_license": "", "do_not_record": false, "persons": [{"code": "TSMMHY", "name": "Michael B. Jones", "avatar": "https://talks.secworkshop.events/media/avatars/Identiverse_2022_Cropped_RwkarPA.jpg", "biography": "Dr. Michael B. Jones\r\nBuilding the Internet's Missing Identity Layer\r\nSelf-Issued Consulting\r\n\r\nMichael B. Jones is on a quest to build the Internet's missing identity layer. He is an editor of the OpenID Connect specifications, IETF OAuth specifications, including JSON Web Token (JWT) and DPoP, the IETF JSON Object Signing and Encryption (JOSE)  specifications, FIDO 2.0, and W3C Web Authentication.  In the Digital Credentials space, he is an editor of the W3C Verifiable Credentials specs, the JSON Web Proofs (JWP) specs, and a contributor to the OpenID4VC specs.  He co-chairs the IETF COSE working group, which is doing post-quantum algorithms work for COSE and JOSE.  Michael was recognized as a Distinguished Engineer by the OpenID Foundation and was granted a lifetime achievement award by Kuppinger Cole for creating simple, secure, ubiquitous, interoperable digital identity solutions since 2005.  As a long-time member of the OpenID Board of Directors, he architected the award-winning and globally adopted OpenID Certification program.  Michael's Ph.D. in Computer Science from Carnegie Mellon University led to a lifelong career in digital identity, computer security, privacy, and networking.  He is passionate about mentoring the next generation of identity leaders.  His professional Web site is https://self-issued.consulting/ and he blogs at https://self-issued.info/.", "public_name": "Michael B. Jones", "guid": "808625ce-2921-5db8-86e3-7f964f6e1af9", "url": "https://talks.secworkshop.events/osw2026/speaker/TSMMHY/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/Q3BFZL/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/Q3BFZL/", "attachments": []}, {"guid": "ac8e0137-1c6f-5052-ae2e-b50e4c4ab60c", "code": "RURXJ8", "id": 95, "logo": null, "date": "2026-05-27T13:00:00+02:00", "start": "13:00", "duration": "00:30", "room": "Arena", "slug": "osw2026-95-unconference-planning-wednesday", "url": "https://talks.secworkshop.events/osw2026/talk/RURXJ8/", "title": "Unconference Planning Wednesday", "subtitle": "", "track": null, "type": "Special", "language": "en", "abstract": "We assemble to plan the unconference slots in the afternoon.", "description": "We assemble to plan the unconference slots in the afternoon.", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/RURXJ8/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/RURXJ8/", "attachments": []}, {"guid": "f3a40bea-8ac2-5d51-b9dd-9261f5b28ed0", "code": "M33CEE", "id": 98, "logo": null, "date": "2026-05-27T13:30:00+02:00", "start": "13:30", "duration": "01:30", "room": "Arena", "slug": "osw2026-98-unconference-sessions", "url": "https://talks.secworkshop.events/osw2026/talk/M33CEE/", "title": "Unconference Sessions", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Unconference Sessions", "description": "Unconference Sessions", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/M33CEE/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/M33CEE/", "attachments": []}, {"guid": "706b124b-8524-59d5-9c3c-2a39cd092fa6", "code": "7WN3BD", "id": 101, "logo": null, "date": "2026-05-27T15:30:00+02:00", "start": "15:30", "duration": "01:30", "room": "Arena", "slug": "osw2026-101-unconference-sessions", "url": "https://talks.secworkshop.events/osw2026/talk/7WN3BD/", "title": "Unconference Sessions", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Unconference Sessions", "description": "Unconference Sessions", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/7WN3BD/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/7WN3BD/", "attachments": []}, {"guid": "9aff249f-3376-5fdb-b10d-5391cdc5384e", "code": "PMTGNJ", "id": 80, "logo": null, "date": "2026-05-27T18:00:00+02:00", "start": "18:00", "duration": "01:00", "room": "Arena", "slug": "osw2026-80-reception", "url": "https://talks.secworkshop.events/osw2026/talk/PMTGNJ/", "title": "Reception", "subtitle": "", "track": null, "type": "Special", "language": "en", "abstract": "Reception at Lancaster University Leipzig's Rooftop Terrace", "description": "Reception at Lancaster University Leipzig's Rooftop Terrace", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/PMTGNJ/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/PMTGNJ/", "attachments": []}], "Work Lab II": [{"guid": "1878cd4f-8c0a-5153-bf05-aea904336d28", "code": "GEBRJ9", "id": 58, "logo": null, "date": "2026-05-27T11:00:00+02:00", "start": "11:00", "duration": "01:00", "room": "Work Lab II", "slug": "osw2026-58-integrating-the-oidf-conformance-suite-into-ci-what-can-go-wrong", "url": "https://talks.secworkshop.events/osw2026/talk/GEBRJ9/", "title": "Integrating the OIDF conformance suite into CI, what can go wrong", "subtitle": "", "track": null, "type": "Talk/Diskussion 1h", "language": "en", "abstract": "Integrating the OIDF conformance suite into GitHub CI sounded easy\u2014until it wasn\u2019t. This talk shares real-world failures, CI-specific pitfalls, and hard-won lessons on turning flaky red tests into meaningful conformance signals.", "description": "The OIDF conformance suite is an essential tool for validating OAuth and OpenID Connect implementations. Running it manually is one thing; making it reliable and automated in GitHub CI is another story entirely. Because the main goal of every developer is to deploy to prod on a Friday evening right before the weekend!\r\n\r\nThis talk is a hands-on experience report covering:\r\n- How to integrate the OIDF conformance suite into a GitHub CI pipeline for testing OID4VCI and OID4VP tests.\r\n- Common pitfalls when running conformance tests in non-interactive, ephemeral environments\r\n- CI-specific failure modes (timing, networking, state, configuration drift)\r\n- Debugging strategies when the test output feels more like a riddle than a report\r\n- What I would do differently if I had to set it up again (spoiler: several things)\r\n\r\nAlong the way, I\u2019ll share concrete examples of errors I encountered, why they happened, and how I eventually got from \u201cred CI, mild panic\u201d to a stable and trustworthy setup.\r\n\r\nThe goal is not just to complain (although there will be some therapy), but to help others avoid the same traps.\r\n\r\nKudos already to Joseph who supported to my questions all the time!", "recording_license": "", "do_not_record": false, "persons": [{"code": "SP37GW", "name": "Mirko Mollik", "avatar": "https://talks.secworkshop.events/media/avatars/1707905338395_gM3YFj1.jpeg", "biography": "", "public_name": "Mirko Mollik", "guid": "5726b40c-23cb-5283-9fcc-b6e6e96bdd2b", "url": "https://talks.secworkshop.events/osw2026/speaker/SP37GW/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/GEBRJ9/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/GEBRJ9/", "attachments": []}]}}, {"index": 2, "date": "2026-05-28", "day_start": "2026-05-28T04:00:00+02:00", "day_end": "2026-05-29T03:59:00+02:00", "rooms": {"Arena": [{"guid": "be5b8c04-3617-5591-96a0-299da9b8e84b", "code": "DQQMHA", "id": 94, "logo": null, "date": "2026-05-28T09:15:00+02:00", "start": "09:15", "duration": "00:15", "room": "Arena", "slug": "osw2026-94-sponsor-welcome", "url": "https://talks.secworkshop.events/osw2026/talk/DQQMHA/", "title": "Sponsor Welcome", "subtitle": "", "track": null, "type": "Special", "language": "en", "abstract": "A welcome from our main sponsor, Authlete", "description": "A welcome from our main sponsor, Authlete", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/DQQMHA/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/DQQMHA/", "attachments": []}, {"guid": "c34b7cf0-3ffd-5f2a-80d8-6faf0265593e", "code": "HQYTR7", "id": 75, "logo": null, "date": "2026-05-28T09:30:00+02:00", "start": "09:30", "duration": "00:30", "room": "Arena", "slug": "osw2026-75-delegate-sd-jwts", "url": "https://talks.secworkshop.events/osw2026/talk/HQYTR7/", "title": "Delegate SD-JWTs", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Discuss an extension to SD-JWTs(RFC9901) to support further delegation from the Holder to a Delegate Holder. This is done by allowing the KB-JWT to also be an SD-JWT, optionally with its own Key Binding.", "description": "SD-JWT provides a mechanism for ensuring minimal disclosure in a three party model. This allows an intermediary party (the Holder) to choose to remove claims when only a subset is needed by a verifier. Additionally SD-JWT+KB allows for proof of possession by the Holder using the cnf claim. The Verifier need only trust the Issuer and its policy regarding the cnf key to trust the resulting presentation.\r\n\r\nAs part of work on the Agentics Payment Protocol we found the need to be able to delegate verifiable credentials from a User (Holder) to the Agent (Delegate Holder) and then have the Agent perform further presentations to a Verifier. SD-JWT+KBs, which began in this forum, provided the capability with a minimal extension. The resulting [draft](https://github.com/GarethCOliver/gco-delegate-sd-jwt/blob/main/draft-gco-oauth-delegate-sd-jwt.md) is looking to be brought more generally to standardization for both use in other agentic contexts, as well as more generally for delegation usages.", "recording_license": "", "do_not_record": false, "persons": [{"code": "X7798Q", "name": "Gareth Oliver", "avatar": null, "biography": "", "public_name": "Gareth Oliver", "guid": "dc057a9c-0831-5413-91d3-ef6da35e3d57", "url": "https://talks.secworkshop.events/osw2026/speaker/X7798Q/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/HQYTR7/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/HQYTR7/", "attachments": []}, {"guid": "82aefd11-a78e-552e-934b-6b7138c02f03", "code": "9Q9AZM", "id": 83, "logo": null, "date": "2026-05-28T10:00:00+02:00", "start": "10:00", "duration": "00:30", "room": "Arena", "slug": "osw2026-83-sd-jwt-from-selective-disclosure-to-zero-knowledge", "url": "https://talks.secworkshop.events/osw2026/talk/9Q9AZM/", "title": "SD-JWT: From Selective Disclosure to Zero Knowledge", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Extending the definition of the hash algorithm defined in SD-JWT allows zero knowledge proofs to be used on properties. Here we show how sigma protocols with Pedersen commitments could be added with almost no (structural) modifications to RFC-9901.", "description": "While selective disclosure can enhance a user's privacy by only revealing necessary claims, there are use cases that need certain conditions on the properties to be true (e.g. claim-based binding, age verification, set inclusion). \r\n\r\nWith the default hash algorithm identifiers defined in RFC-9901 e.g. SHA-256, there is no easy way to do zero knowledge proofs and as such, the relevant claims must always be disclosed. In our extension of RFC-9901, we standardise how to provide commitments on attributes using them as an alternative family of \"hash\"-like functions. Further extensions in the key binding JWT propose a way to define sigma protocols to provide efficient zero knowledge proofs for linear conditions on attributes - especially equality and range proofs.\r\n\r\nUsing our proposal, we can achieve device binding for only claim-based bound credentials using the transitivity property and linking e.g. a diploma with an ID card, without revealing more information than necessary.\r\n\r\nWith this proposal in mind, we are looking for inputs on how to include further ZKP schemes (e.g. lattice-based/hash-based schemes), and how to generalise definitions of proof systems.", "recording_license": "", "do_not_record": false, "persons": [{"code": "XXJMNU", "name": "Patrick Amrein", "avatar": "https://talks.secworkshop.events/media/avatars/1000024030_AlI9RnR.jpg", "biography": "Patrick started his career as a mobile developer very early on, with a game for a Sony Ericson using Java2ME. He switched technologies a few times - Android, iOS, Windows Phone (the best platform ever!) - and decided to study physics. Thanks to a few courses in algebra (among other math courses) - and thanks to the work of some great researchers - he came up with a proposal for device binding of BBS signatures with ECDSA (zk-bridge). He is currently working on a variety of projects on cryptographic protocols. Patrick holds an MSc in Physics from ETH Zurich.", "public_name": "Patrick Amrein", "guid": "216c10bc-3334-58be-a299-a6ee897c9d8d", "url": "https://talks.secworkshop.events/osw2026/speaker/XXJMNU/"}, {"code": "SVKUUN", "name": "Christopher Meier", "avatar": "https://talks.secworkshop.events/media/avatars/SVKUUN_tlEwFbC.webp", "biography": "Chris is a Software Engineer at Ubique. Most of his time is spent on digital identity, security and mobile development, where he contributes to secure and seamless solutions that enhance user experience across a variety of digital products. Before entering the OAuth and OpenId rabbit hole, he has tinkered with Hyperledger Indy, RDMA and TEEs. Chris holds a Msc in Computer Science from ETH Zurich.", "public_name": "Christopher Meier", "guid": "86c48b01-8af6-5a6f-8751-29882b403eff", "url": "https://talks.secworkshop.events/osw2026/speaker/SVKUUN/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/9Q9AZM/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/9Q9AZM/", "attachments": []}, {"guid": "f0104f60-aac4-50dd-999d-f9fe762d37ec", "code": "KPMDDA", "id": 82, "logo": null, "date": "2026-05-28T11:00:00+02:00", "start": "11:00", "duration": "00:30", "room": "Arena", "slug": "osw2026-82-from-draft-to-deployment-building-a-production-ecosystem-on-moving-standards", "url": "https://talks.secworkshop.events/osw2026/talk/KPMDDA/", "title": "From Draft to Deployment: Building a Production Ecosystem on Moving Standards", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Building the EUDI Wallet ecosystem means deploying production systems on evolving drafts. This talk shares lessons from OID4VC, interoperability gaps, and the security challenges that arise when standards change faster than deployments.", "description": "The revised eIDAS regulation requires every EU member state to deploy a certified digital identity wallet by the end of 2026. The challenge: when implementation began, key standards were still evolving, some published only as drafts, others incomplete, and some still missing entirely.\r\n\r\nThis talk shares practical lessons from building a production-grade national identity ecosystem under these conditions. Using OID4VC, OID4VP, and related trust specifications as examples, it explores how draft changes, interoperability gaps, and unresolved security assumptions directly affect real deployments.\r\n\r\nA particular focus will be the debates around OID4VC drafts and how seemingly small specification changes can cascade into ecosystem-wide implementation and security challenges.\r\n\r\nThe session aims to bridge the gap between protocol design and operational reality, offering insights for standards authors, implementers, and security researchers.", "recording_license": "", "do_not_record": false, "persons": [{"code": "SP37GW", "name": "Mirko Mollik", "avatar": "https://talks.secworkshop.events/media/avatars/1707905338395_gM3YFj1.jpeg", "biography": "", "public_name": "Mirko Mollik", "guid": "5726b40c-23cb-5283-9fcc-b6e6e96bdd2b", "url": "https://talks.secworkshop.events/osw2026/speaker/SP37GW/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/KPMDDA/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/KPMDDA/", "attachments": []}, {"guid": "e64445f1-f7ee-54b5-b531-09ae01939f20", "code": "UH3HD7", "id": 96, "logo": null, "date": "2026-05-28T11:30:00+02:00", "start": "11:30", "duration": "00:30", "room": "Arena", "slug": "osw2026-96-unconference-planning-thursday", "url": "https://talks.secworkshop.events/osw2026/talk/UH3HD7/", "title": "Unconference Planning Thursday", "subtitle": "", "track": null, "type": "Special", "language": "en", "abstract": "We assemble to plan the unconference slots in the afternoon.", "description": "We assemble to plan the unconference slots in the afternoon.", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/UH3HD7/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/UH3HD7/", "attachments": []}, {"guid": "71483031-be62-58ec-8d31-ddbf266a63e8", "code": "99JBKX", "id": 105, "logo": null, "date": "2026-05-28T13:00:00+02:00", "start": "13:00", "duration": "01:30", "room": "Arena", "slug": "osw2026-105-unconference-sessions", "url": "https://talks.secworkshop.events/osw2026/talk/99JBKX/", "title": "Unconference Sessions", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Unconference Sessions", "description": "Unconference Sessions", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/99JBKX/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/99JBKX/", "attachments": []}, {"guid": "1bf7220b-49d7-5637-a02f-a3484ab17349", "code": "V9JTVP", "id": 102, "logo": null, "date": "2026-05-28T15:00:00+02:00", "start": "15:00", "duration": "01:00", "room": "Arena", "slug": "osw2026-102-unconference-sessions", "url": "https://talks.secworkshop.events/osw2026/talk/V9JTVP/", "title": "Unconference Sessions", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Unconference Sessions", "description": "Unconference Sessions", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/V9JTVP/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/V9JTVP/", "attachments": []}, {"guid": "faeb37fe-3874-5d8e-90c7-15c9e0c294d9", "code": "3NVRX3", "id": 78, "logo": null, "date": "2026-05-28T17:00:00+02:00", "start": "17:00", "duration": "02:00", "room": "Arena", "slug": "osw2026-78-city-tour", "url": "https://talks.secworkshop.events/osw2026/talk/3NVRX3/", "title": "City Tour", "subtitle": "", "track": null, "type": "Special", "language": "en", "abstract": "City Tour", "description": "City Tour", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/3NVRX3/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/3NVRX3/", "attachments": []}, {"guid": "dd412735-5d8c-5965-aa94-ab6e904a504d", "code": "ANJQVM", "id": 79, "logo": null, "date": "2026-05-28T19:00:00+02:00", "start": "19:00", "duration": "03:00", "room": "Arena", "slug": "osw2026-79-conference-dinner", "url": "https://talks.secworkshop.events/osw2026/talk/ANJQVM/", "title": "Conference Dinner", "subtitle": "", "track": null, "type": "Special", "language": "en", "abstract": "Dinner at Ratskeller", "description": "Dinner at Ratskeller", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/ANJQVM/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/ANJQVM/", "attachments": []}], "Work Lab II": [{"guid": "30595be1-e902-52cc-a5e8-6b5cf5b03aa9", "code": "9VDCK9", "id": 67, "logo": null, "date": "2026-05-28T10:00:00+02:00", "start": "10:00", "duration": "00:30", "room": "Work Lab II", "slug": "osw2026-67-human-and-workload-identities-bridging-the-gap-with-transaction-tokens", "url": "https://talks.secworkshop.events/osw2026/talk/9VDCK9/", "title": "Human and Workload Identities: Bridging the Gap with Transaction Tokens", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "In this talk, we will introduce the two emerging OAuth technologies related to workload identity, namely Transaction Tokens and SPIFFE Client Authentication, and demonstrate them working together.", "description": "Human and workload identities are different in many aspects, such as issuance, verification, lifecycle, lifetime, and scope. OAuth offers a mature framework for the former.\r\n\r\nThe latter is covered by technologies like SPIFFE, which help ensure that inter-workload calls be properly authenticated. The zero trust world adds a new requirement - the calls need to be non-spurious, which means they must be associated with a valid human identity as well.\r\n\r\nHow do we enforce both human and workload identity at the same time, in a portable, efficient and extensible manner? A new Internet draft called Transaction Tokes offers a solution. Another draft, named OAuth SPIFFE Client Authentication, bridges the gap between SPIFFE and OAuth. \r\n\r\nKeycloak is a mature, feature-rich and highly extensible open-source IAM solution. Its ultimate extensibility has allowed us to quickly prototype both Transaction Tokens and SPIFFE Client Authentication and to create an end-to-end demo.\r\n \r\nIn this talk, we will give an introduction to both SPIFFE and Transaction Tokens, recap the progress from inception to implementation, and will demonstrate the two emerging technologies working together, using Keycloak as a platform. We will also explore the potential of using Google Common Expression Language (CEL) in the OAuth ecosystem.", "recording_license": "", "do_not_record": false, "persons": [{"code": "WWQZ8U", "name": "Dmitry Telegin", "avatar": "https://talks.secworkshop.events/media/avatars/WWQZ8U_WilNfKe.webp", "biography": "Dmitry is a principal engineer at Backbase UK. He is a Keycloak contributor, expert and consultant, and also a founder of Carretti Consulting.", "public_name": "Dmitry Telegin", "guid": "1fa08e71-1deb-53e6-9c33-2bca6544eb10", "url": "https://talks.secworkshop.events/osw2026/speaker/WWQZ8U/"}, {"code": "3HBYCY", "name": "Pieter Kasselman", "avatar": "https://talks.secworkshop.events/media/avatars/3HBYCY_T9zM0PZ.webp", "biography": "Pieter Kasselman is an Identity Enthusiast, focused on standards based identity products. Pieter has over 25 years' experience as a technologist and engineer, working on bringing new technologies and business models to market. Pieter's first encounter with identity was his final year project which used neural networks to identify users based on typing patterns. Since then he worked in a number of roles as an information security analyst, software engineer and program manager in industries that include finance, software, silicon and cloud. His diverse background gives him a unique perspective of the importance of identity and the role of identity standards as both a business enabler and the first line of defence for.", "public_name": "Pieter Kasselman", "guid": "760eb59d-d805-5238-99ee-14916d3b8f66", "url": "https://talks.secworkshop.events/osw2026/speaker/3HBYCY/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/9VDCK9/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/9VDCK9/", "attachments": []}]}}, {"index": 3, "date": "2026-05-29", "day_start": "2026-05-29T04:00:00+02:00", "day_end": "2026-05-30T03:59:00+02:00", "rooms": {"Arena": [{"guid": "797c95c2-8626-5ce8-9c4a-fd06869be7c2", "code": "JUEELE", "id": 66, "logo": null, "date": "2026-05-29T09:30:00+02:00", "start": "09:30", "duration": "00:30", "room": "Arena", "slug": "osw2026-66-dpop-lessons-learned-and-improvement-proposals", "url": "https://talks.secworkshop.events/osw2026/talk/JUEELE/", "title": "DPoP - Lessons learned and improvement proposals", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "DPoP adoption is accelerating, but some  use-cases are challenging the specification's initial design assumptions and choices. In this session, we will discuss some of the friction points we have experienced, and propose potential solutions.", "description": "DPoP has made design choices to allow easy integrations in the scope it was envisioned to be used, but the scenarios that people want to incorporate DPoP for are expanding and some of the initial design choices are creating problems. The two main problems we\u2019ve faced are nonce fetching (requiring a somewhat correct request containing DPoP to create an error with a new nonce to use) and not using DPoP to also protect the HTTP request and only the token itself. Furthermore, people are exploring to use DPoP also to bind refresh_token, which was ruled out by the RFC.", "recording_license": "", "do_not_record": false, "persons": [{"code": "HNCGF3", "name": "Christian Bormann", "avatar": "https://talks.secworkshop.events/media/avatars/8774236_FsJBeqO.jpeg", "biography": "Christian Bormann is an architect for digital identity and cryptography, currently working for the german EU Digital Identity Wallet project. With an MSc in Computer Science from RWTH Aachen focused on Distributed Systems, his career has centered on digital innovation in IoT and distributed systems, particularly digital identity and privacy-enhancing technologies. He is actively involved in international standardization efforts to enable secure and interoperable digital wallets.", "public_name": "Christian Bormann", "guid": "a054b800-fefe-58ca-8042-2b7cf5c569dc", "url": "https://talks.secworkshop.events/osw2026/speaker/HNCGF3/"}, {"code": "9UJP88", "name": "Paul Bastian", "avatar": "https://talks.secworkshop.events/media/avatars/Paul-Bastian_0094_yVNPQKI.jpg", "biography": null, "public_name": "Paul Bastian", "guid": "5c89e8e9-c331-515d-aa68-bdcc30c779aa", "url": "https://talks.secworkshop.events/osw2026/speaker/9UJP88/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/JUEELE/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/JUEELE/", "attachments": []}, {"guid": "c9ac33b2-39b9-5e8b-b29f-4aa9b888a440", "code": "JELBTZ", "id": 62, "logo": null, "date": "2026-05-29T10:00:00+02:00", "start": "10:00", "duration": "00:30", "room": "Arena", "slug": "osw2026-62-introducing-elicitation-concept-of-mcp-for-secure-cross-domain-multi-hop-api-calls-in-oauth-world", "url": "https://talks.secworkshop.events/osw2026/talk/JELBTZ/", "title": "Introducing Elicitation Concept of MCP for Secure Cross-domain Multi-hop API Calls in OAuth World", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "This session explores the possibility of applying the concept of \"Elicitation in URL mode\", introduced in MCP, to the OAuth world to make cross-domain multi-hop API calls secure and compares it with the existing token-exchange based method.", "description": "When a resource server hosting APIs receives an access request from a client with an access token, the resource server sometimes needs to access an API hosted by other resource server in a different trust domain to complete the initial request. It is called \"cross-domain multi-hop API calls\". In the cross-domain multi-hop API calls, the resource server may need to convey user context in subsequent API calls. An example of this is when a resource server needs to access a user's documents stored in Google Docs.\r\n\r\nToken exchange-based methods exist to do this securely. Specifically, IETF Internet Draft Identity and Authorization Chaining Across Domains based on RFC 8693 OAuth 2.0 Token Exchange and RFC 7523 JWT Authorization Grant. In this specification, the first resource server receives a JWT authorization grant from the authorization server in the same trust domain of the first resource server by token exchange, and the first resource server sends the grant to the authorization server in the same trust domain of the next resource server and receive an access token for accessing the next resource server.\r\n\r\nThis session explores the possibility of an alternative method. The idea is to apply the concept of \"Elicitation in URL mode\", introduced in the Model Context Protocol (MCP), to the OAuth world. In this concept, the first resource server plays the role of a client and receives an access token from the authorization server in the same trust domain of the next resource server by authorization code grand and so on.\r\n\r\nThe speaker describes the issues that arise when applying the concept to cross-domain multi-hop API calls in OAuth and the solutions for them. In addition, the speaker compares the existing token exchange-based method and the elicitation-based method, and discusses which method is preferable in what cases.\r\n\r\nFinally, the speaker considers whether the elicitation-based method can be standardized as an OAuth extension.\r\n\r\nThe session would contribute to providing the alternative method for cross-domain multi-hop API calls in OAuth and making it more secure.", "recording_license": "", "do_not_record": false, "persons": [{"code": "CJX8KF", "name": "Takashi Norimatsu", "avatar": "https://talks.secworkshop.events/media/avatars/25092005_yUr6hDD.jpg", "biography": "Takashi Norimatsu, Ph.D. in Engineering, Senior OSS Specialist, Hitachi, Ltd. is a maintainer of Keycloak, IAM OSS, CNCF incubating project. He has been implemented and contributed to Keycloak security features like FAPI 1.0/FAPI 2.0/FAPI-CIBA security profiles, Model Context Protocol (MCP) authorization part, WebAuthn/Passkeys support. He leads Keycloak's community \"OAuth SIG\" (Ex FAPI-SIG) for supporting OAuth/OIDC and its related security features to Keycloak.", "public_name": "Takashi Norimatsu", "guid": "81c6d582-bd0a-5bc9-84d2-db1064ca6648", "url": "https://talks.secworkshop.events/osw2026/speaker/CJX8KF/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/JELBTZ/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/JELBTZ/", "attachments": []}, {"guid": "f4ab9b96-8f98-58d6-b6db-a7de49573602", "code": "7YA8UP", "id": 77, "logo": null, "date": "2026-05-29T11:00:00+02:00", "start": "11:00", "duration": "00:30", "room": "Arena", "slug": "osw2026-77-ai-agent-authentication-and-authorization", "url": "https://talks.secworkshop.events/osw2026/talk/7YA8UP/", "title": "AI Agent Authentication and Authorization", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "This talk explains why AI agents should be treated as workloads, not magical new identity subjects. It shows how existing standards such as SPIFFE, WIMSE, OAuth 2.0, and SSF applies to agent systems, while also identifying gaps.", "description": "The AI Agent Authentication and Authorization draft was introduced at IETF 125 (https://datatracker.ietf.org/doc/draft-klrc-aiagent-auth/). The draft start from the premise that agents are workloads, then build on proven identity and authorization standards rather than inventing bespoke schemes for every new agent framework.\r\n\r\nThis talk walks through that model and explores what it means in practice. We will examine how agent identifiers, credentials, attestation, provisioning, authentication, authroization and observabily, monitoring and remediation can be mapped onto familiar building blocks such as SPIFFE, WIMSE, OAuth 2.0 and SSF. \r\n\r\nWe will also discuss where today\u2019s standards are already sufficient, where implementation guidance is still missing, and where future IETF work may be needed.\r\n\r\nAttendees will leave with a practical framework for thinking about AI agent aythetnication and authorization, starting with a mental model that agents are workloads that leverage existing, widely deployed, standards.", "recording_license": "", "do_not_record": false, "persons": [{"code": "3HBYCY", "name": "Pieter Kasselman", "avatar": "https://talks.secworkshop.events/media/avatars/3HBYCY_T9zM0PZ.webp", "biography": "Pieter Kasselman is an Identity Enthusiast, focused on standards based identity products. Pieter has over 25 years' experience as a technologist and engineer, working on bringing new technologies and business models to market. Pieter's first encounter with identity was his final year project which used neural networks to identify users based on typing patterns. Since then he worked in a number of roles as an information security analyst, software engineer and program manager in industries that include finance, software, silicon and cloud. His diverse background gives him a unique perspective of the importance of identity and the role of identity standards as both a business enabler and the first line of defence for.", "public_name": "Pieter Kasselman", "guid": "760eb59d-d805-5238-99ee-14916d3b8f66", "url": "https://talks.secworkshop.events/osw2026/speaker/3HBYCY/"}, {"code": "UPC98G", "name": "Yaroslav Rosomakho", "avatar": "https://talks.secworkshop.events/media/avatars/UPC98G_GNulyLi.webp", "biography": "Yaroslav Rosomakho is Chief Scientist at Zscaler, where he leads research and strategy across emerging technologies, secure networking, and cryptographic protocols. He is an active contributor to the IETF, member of the Internet Architecture board and chair of SEAT and HPKE working groups. In addition to that he contributes to TLS, QUIC, HTTP, WIMSE and MASQUE. Yaroslav has a background in building large-scale security systems and has held leadership roles at Netskope and Arbor Networks. He is passionate about bridging deep technical insight with practical deployment strategies.", "public_name": "Yaroslav Rosomakho", "guid": "6dcf660f-ae95-5853-81a7-3817b9fc3004", "url": "https://talks.secworkshop.events/osw2026/speaker/UPC98G/"}, {"code": "RUNRDN", "name": "Brian Campbell", "avatar": "https://talks.secworkshop.events/media/avatars/RUNRDN_LDjWscH.webp", "biography": "As a Distinguished Engineer for Ping Identity, Brian aspires to one day know what a Distinguished Engineer actually does for a living. In the meantime, he's tried to make himself useful with little things like designing and building much of PingFederate, the product that put Ping Identity on the map. When not making himself useful, he tries to build his legacy by sneaking his name onto technical documents that few people will ever actually read, including some identity and security standards in the IETF and OpenID Foundation. He holds a B.A., magna cum laude, in Computer Science from Amherst College in Massachusetts. Despite spending four years in the state, he has to look up how to spell \"Massachusetts\" every time he writes it.", "public_name": "Brian Campbell", "guid": "0b908101-79fd-55cb-9e44-8d05f0c54b8f", "url": "https://talks.secworkshop.events/osw2026/speaker/RUNRDN/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/7YA8UP/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/7YA8UP/", "attachments": []}, {"guid": "20f7fbc7-332f-5c8d-8ca6-8d58a7fd57cd", "code": "KP38XX", "id": 93, "logo": null, "date": "2026-05-29T11:30:00+02:00", "start": "11:30", "duration": "00:30", "room": "Arena", "slug": "osw2026-93-inmor-a-new-openid-federation-trust-anchor", "url": "https://talks.secworkshop.events/osw2026/talk/KP38XX/", "title": "Inmor: a new openid-federation trust anchor", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Inmor is an open-source Trust Anchor implementation for OpenID Federation 1.0, it is being developed with keeping performance and easy maintenance in mind, with Rust and Python, splitting the performance and ease of use for operators.", "description": "Inmor trust anchor is build for performance in the public facing service via Rust and ease of development and maintenance in  management API/service in Python. The goal is to build software which can be used to by a small federation without too much trouble for the operators but still being able to provide the performance required. At the same time the service can be scaled to many instances for any larger system. The documentation is available at https://inmor.readthedocs.io/en/latest/ and it is currently being used in Swedish national federation as a PoC.", "recording_license": "", "do_not_record": false, "persons": [{"code": "78SNH7", "name": "Kushal Das", "avatar": null, "biography": "Kushal Das is a public interest technologist working at Sunet (https://sunet.se) where he helps to build secure and privacy focused tools and services. He is CPython core developer & fellow at the Python Software Foundation. He is also part of the core team of the Tor Project, and a long time contributor to Fedora Project. He also helps out citizens/journalists/activists with digital security trainings. He regularly blogs at https://kushaldas.in.", "public_name": "Kushal Das", "guid": "e69b6916-bae8-56a7-bf16-1ec2165fb196", "url": "https://talks.secworkshop.events/osw2026/speaker/78SNH7/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/KP38XX/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/KP38XX/", "attachments": []}, {"guid": "2248d4f0-cf53-5c4a-9b91-679ac2724e08", "code": "BYSQL8", "id": 97, "logo": null, "date": "2026-05-29T13:00:00+02:00", "start": "13:00", "duration": "00:30", "room": "Arena", "slug": "osw2026-97-unconference-planning-friday", "url": "https://talks.secworkshop.events/osw2026/talk/BYSQL8/", "title": "Unconference Planning Friday", "subtitle": "", "track": null, "type": "Special", "language": "en", "abstract": "We assemble to plan the unconference slots in the afternoon.", "description": "We assemble to plan the unconference slots in the afternoon.", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/BYSQL8/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/BYSQL8/", "attachments": []}, {"guid": "f05e1038-e558-5309-8e1f-f674144613d2", "code": "WTPSHA", "id": 103, "logo": null, "date": "2026-05-29T13:30:00+02:00", "start": "13:30", "duration": "01:30", "room": "Arena", "slug": "osw2026-103-unconference-sessions", "url": "https://talks.secworkshop.events/osw2026/talk/WTPSHA/", "title": "Unconference Sessions", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Unconference Sessions", "description": "Unconference Sessions", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/WTPSHA/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/WTPSHA/", "attachments": []}, {"guid": "db1e8961-1e40-5447-a660-dc8e8647171e", "code": "AKJPTJ", "id": 99, "logo": null, "date": "2026-05-29T15:30:00+02:00", "start": "15:30", "duration": "01:30", "room": "Arena", "slug": "osw2026-99-unconference-sessions", "url": "https://talks.secworkshop.events/osw2026/talk/AKJPTJ/", "title": "Unconference Sessions", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Unconference Sessions", "description": "Unconference Sessions", "recording_license": "", "do_not_record": false, "persons": [], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/AKJPTJ/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/AKJPTJ/", "attachments": []}], "Work Lab II": [{"guid": "f305482a-8a3c-5b69-8b2f-0ee84e21c2c6", "code": "N9DFJH", "id": 86, "logo": null, "date": "2026-05-29T09:30:00+02:00", "start": "09:30", "duration": "00:30", "room": "Work Lab II", "slug": "osw2026-86-attacks-and-security-proofs-for-authentication-and-authorization-protocols", "url": "https://talks.secworkshop.events/osw2026/talk/N9DFJH/", "title": "Attacks and Security Proofs for Authentication and Authorization Protocols", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "We give an overview of formal methods, including mechanized approaches, and present our prior and ongoing work on finding attacks and carrying out proofs for authentication and authorization protocols.", "description": "In recent years, formal security analysis of protocols has proven highly effective in finding security vulnerabilities and establishing strong security guarantees. Ideally, such formal analysis should be conducted during the development of protocols to ensure that emerging standards and their implementations are secure from the outset. In a nutshell, this approach consists of three steps: creating a mathematical model of the protocol, precisely formalizing the desired security goals, and creating a mathematical proof of these security goals.\r\n\r\nIn this session, we provide a general overview of formal methods for protocol security, and briefly present a selection of our previous and ongoing work conducted with the Web Infrastructure Model, including analyses of the OpenID FAPI, OpenID Federation, and OpenID VP/VCI protocols. We discuss how the formal approach was useful for identifying new kinds of attacks, clarifying the exact conditions under which these protocols are secure, and overall improvements of specifications. We also discuss the limitations of existing mechanized approaches that provide tool-based support for formal analysis. We conclude with an overview of our ongoing work to provide a mechanized framework that accounts for a rich model of the Web.", "recording_license": "", "do_not_record": false, "persons": [{"code": "8NHPGP", "name": "Pedram Hosseyni", "avatar": "https://talks.secworkshop.events/media/avatars/8NHPGP_BKelzrV.webp", "biography": "", "public_name": "Pedram Hosseyni", "guid": "5ac72daf-6b64-50ff-830b-0737beb35c41", "url": "https://talks.secworkshop.events/osw2026/speaker/8NHPGP/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/N9DFJH/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/N9DFJH/", "attachments": []}, {"guid": "ed24190e-190b-5987-8c8f-095175cdde9b", "code": "RC939U", "id": 63, "logo": null, "date": "2026-05-29T10:00:00+02:00", "start": "10:00", "duration": "00:30", "room": "Work Lab II", "slug": "osw2026-63-browser-swapping-how-to-hack-how-to-fix", "url": "https://talks.secworkshop.events/osw2026/talk/RC939U/", "title": "Browser Swapping \u2013 How to Hack & How to Fix?", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "The rediscovered Browser Swapping attack threatens modern OAuth 2 and OpenID Connect deployments. This talk demonstrates how attackers exploit the vulnerability and how you can protect your systems in the short and long term.", "description": "When Pedram Hosseini et al. discovered Browser Swapping in 2022, no browser technologies were available to mitigate the attack. As there was no known practical attack vector, applying fixes to the standard was deferred. After Jonas Primbs demonstrated a practical attack at IETF 124 in November 2025, Luke Jennings discovered real-world attacks using Browser Swapping to hijack Azure CLI sessions. While standardization of browser technologies that can fully mitigate web app attacks has just begun, we can at least reduce the likelihood of successful attacks.\r\n\r\nThis talk will include a live demonstration of a Browser Swapping attack and provide an overview of the many possible attack variations against web and native applications. It will also suggest short-term mitigation strategies and long-term standardisation requirements. Participants will understand why Browser Swapping is both feasible and difficult to mitigate, and why new browser and operating system standards are required to mitigate it fully.", "recording_license": "", "do_not_record": false, "persons": [{"code": "7SAB7Y", "name": "Jonas Primbs", "avatar": "https://talks.secworkshop.events/media/avatars/7SAB7Y_jFa1EBQ.webp", "biography": "Jonas Primbs, M.Sc., is an IT security researcher at the University of T\u00fcbingen, Germany, since 2020. While completing his PhD, he is working at the penetration testing company SySS GmbH as an IT security consultant since 2023. With his broad expertise in web application security and modern authentication and authorization standards, he aims to ensure end-to-end security across users and services based on open standards.", "public_name": "Jonas Primbs", "guid": "8cfc4d4f-220d-5858-9da4-c78bfe66a5fd", "url": "https://talks.secworkshop.events/osw2026/speaker/7SAB7Y/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/RC939U/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/RC939U/", "attachments": []}, {"guid": "afd5f424-01ef-5ed7-8d1d-cce2b1509eb4", "code": "K7TUPH", "id": 84, "logo": null, "date": "2026-05-29T11:00:00+02:00", "start": "11:00", "duration": "00:30", "room": "Work Lab II", "slug": "osw2026-84-understanding-oauth-session-fixation-in-connector-ecosystems", "url": "https://talks.secworkshop.events/osw2026/talk/K7TUPH/", "title": "Understanding OAuth Session Fixation in Connector Ecosystems", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Session fixation attacks affect certain OAuth-related standards but remain unexamined in *mainstream* OAuth 2.0 deployments. We identify 40+ vulnerable vendors in \"connector ecosystems\" for app integration and agentic AI, and propose mitigations.", "description": "Session fixation is a well-known problem in web security [1], and was historically observed in OAuth 1.0 [2] and mitigated in several OAuth 2.0-related standards [3] such as cross-device flows [4] and OpenID4VP [5]. However, while session fixation has been discussed in such specialized settings, the threat is not modeled in the OAuth Security BCP (RFC9700) [6], and its real-world susceptibility has not been systematically analyzed in *mainstream* OAuth 2.0 authorization code grant deployments for same-device usage.\r\n\r\nModern applications\u2014such as *productivity apps*, *automation platforms*, and *AI agents*\u2014orchestrate across external tools and SaaS integrations through cloud-based \"connectors\". To obtain authorized access to connector accounts, these applications rely extensively on OAuth 2.0 for account linking, through which they link *connector accounts* to *application accounts* and maintain persistent OAuth connections.\r\n\r\nIn such \"connector ecosystems\", applications may either *self-manage* their OAuth clients, or rely on *managed* infrastructures where OAuth responsibilities (token retrieval and lifecycle management) are outsourced to a \"Token Vault\". In both cases, the OAuth client would commonly introduce dedicated auth sessions that are separate from the application's existing user sessions. Such auth sessions keep track of the application's authorization context (e.g., the expected application account to utilize the tokens) across disparate web origins, user agents, and trust domains during OAuth flows.\r\n\r\nBy systematizing real-world OAuth architectural patterns, we show that over-reliance on such auth sessions can inadvertently break session integrity in OAuth. This issue enables session fixation attacks across more than 40 vendors in connector ecosystems. \r\nIn such attacks:\r\n\r\n* An attacker tricks a victim into authorizing an OAuth flow initiated by the attacker, which fixates an attacker-controlled auth session in the victim\u2019s user agent.\r\n* After the victim completes authorization, the attacker gains access to the victim\u2019s protected resources, leading to connector account takeovers.\r\n* In many cases, a single click on an unassuming hyperlink is all it takes for a user to be compromised.\r\n\r\nIn this talk, we further explain *why* session fixation attacks emerge in connector ecosystems, and *how* they can be mitigated (e.g., [7] [8] [9] [10] [11]). Notably, these issues are not merely the result of careless implementation, but arise from the architectural decoupling of OAuth responsibilities (*the OAuth client*) and session management (*the application*) across different components or entities that were traditionally treated as a single \"client application\".\r\n\r\nWe also discuss our initial efforts to model these deployment scenarios and security considerations, proposing potential updates to the OAuth Security BCP [12] [13] as a call to action for the community.\r\n\r\n---\r\nCo-authors: Kaixuan Luo, Xianbo Wang, Adonis Fung, Wing Cheong Lau\r\n\r\nOur research paper appears in IEEE S&P 2026 [14], with preliminary results presented at Black Hat USA 2024 [15] and 2025 [16].\r\n\r\nReferences:\r\n[1] https://cwe.mitre.org/data/definitions/384.html\r\n[2] https://oauth.net/advisories/2009-1/\r\n[3] https://danielfett.de/2025/03/10/cross-device-session-fixation/\r\n[4] https://datatracker.ietf.org/doc/html/draft-ietf-oauth-cross-device-security-16#section-4\r\n[5] https://openid.net/specs/openid-4-verifiable-presentations-1_0.html#section-14.2\r\n[6] https://datatracker.ietf.org/doc/html/rfc9700\r\n\r\n[7] https://docs.aws.amazon.com/bedrock-agentcore/latest/devguide/oauth2-authorization-url-session-binding.html\r\n[8] https://aws.amazon.com/blogs/machine-learning/secure-ai-agents-with-amazon-bedrock-agentcore-identity-on-amazon-ecs/\r\n[9] https://docs.arcade.dev/en/home/auth/secure-auth-production\r\n[10] https://www.arcade.dev/blog/arcade-proactively-addressed-coat-vulnerability-in-agentic-ai/\r\n[11] https://modelcontextprotocol.io/specification/2025-11-25/client/elicitation#phishing\r\n\r\n[12] IETF 125 Presentation (Page 6-8): https://datatracker.ietf.org/meeting/125/materials/slides-125-oauth-updates-to-oauth-20-security-best-current-practice-00\r\n[13] Internet-Draft (Section 2.3): https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics-update-01#section-2.3\r\n\r\n[14] Kaixuan Luo, Xianbo Wang, Pui Ho Adonis Fung, and Wing Cheong Lau, \"Demystifying the (In)Security of OAuth-based Account Linking in Connector Ecosystems,\" in 2026 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 2026, pp. 2327-2346. https://doi.ieeecomputersociety.org/10.1109/SP63933.2026.00128\r\n[15] https://blackhat.com/us-24/briefings/schedule/index.html#one-hack-to-rule-them-all-pervasive-account-takeovers-in-integration-platforms-for-workflow-automation-virtual-voice-assistant-iot-38-llm-services-38994\r\n[16] https://blackhat.com/us-25/briefings/schedule/index.html#back-to-the-future-hacking-and-securing-connection-based-oauth-architectures-in-agentic-ai-and-integration-platforms-44686", "recording_license": "", "do_not_record": false, "persons": [{"code": "LEMRJG", "name": "Kaixuan Luo", "avatar": "https://talks.secworkshop.events/media/avatars/KaixuanLUO_1x1_GVYcsqS.jpg", "biography": "Kaixuan Luo is a PhD candidate at Mobile Technologies Centre (MobiTeC), the Chinese University of Hong Kong (CUHK). His research focuses on web security and its intersection with digital identities. He is a three-time Black Hat USA speaker and has published his research at USENIX Security and IEEE S&P.", "public_name": "Kaixuan Luo", "guid": "9bb10600-7faa-5087-a400-72ca43f7e567", "url": "https://talks.secworkshop.events/osw2026/speaker/LEMRJG/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/K7TUPH/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/K7TUPH/", "attachments": []}, {"guid": "31757062-5bf8-5a1b-a225-f925642b9e56", "code": "NAZJX8", "id": 73, "logo": null, "date": "2026-05-29T11:30:00+02:00", "start": "11:30", "duration": "00:30", "room": "Work Lab II", "slug": "osw2026-73-outcomes-from-the-quant-id-project-pqc-and-qrng-in-the-scope-of-oauth-and-oidc", "url": "https://talks.secworkshop.events/osw2026/talk/NAZJX8/", "title": "Outcomes from the Quant-ID Project - PQC and QRNG in the Scope of OAuth and OIDC", "subtitle": "", "track": null, "type": "Talk/Discussion", "language": "en", "abstract": "Quant-ID is a project funded by the BMFTR for researching quantum entropy and post-quantum cryptography in OAuth and OIDC, including analyses and implementations by four partner organizations. We would like to share some results with the community.", "description": "The development of quantum technologies is progressing faster than expected. While quantum computing poses a threat to currently used cryptography, there are also new solutions for resistance towards such attacks including quantum and post-quantum security. The current focus by information security agencies is the transition to post-quantum cryptography. NIST and the European Commission have published their related roadmaps. Our digital infrastructures heavily rely on cryptographic security and the transition timelines are tight.  Cryptography is the very security backbone of authorization protocols. At the same time, authorization is a critical digital process for infrastructure security. Such assets are expected to be transitioned by the end of 2030 according to the EU roadmap. The project Quant-ID researched quantum entropy and post-quantum cryptography in OAuth and OIDC on the network and application layer in order to enable a smoother transition. We implemented a multi-component demonstrator, including an authorization server on an IBM VPC instance, relying rarties and a quantum random number generator. In this talk, we will present our main results and challenges in enabling a smooth transition to quantum-safe OAuth and OIDC.", "recording_license": "", "do_not_record": false, "persons": [{"code": "CXJ7D3", "name": "Xenia Bogomolec", "avatar": "https://talks.secworkshop.events/media/avatars/CXJ7D3_1YzRJsD.webp", "biography": "Xenia is the founder of Quant-X Security & Coding, a boutique company based in Hanover, Germany, that specializes in cyber security consulting for highly regulated organizations. She is the lead of the R&D consortium Quant-ID. Due to her background in mathematics, she is involved in quantum and post-quantum security research and technology transfer since 2016. Xenia's special skill is connecting experts from various tech, compliance an management backgrounds and thus driving innovation in complex infrastructures.", "public_name": "Xenia Bogomolec", "guid": "ac5cb467-eb1e-5edd-8e7d-f3c2b9eadc50", "url": "https://talks.secworkshop.events/osw2026/speaker/CXJ7D3/"}], "links": [], "feedback_url": "https://talks.secworkshop.events/osw2026/talk/NAZJX8/feedback/", "origin_url": "https://talks.secworkshop.events/osw2026/talk/NAZJX8/", "attachments": []}]}}]}}}