Draft urges better revocation signaling for large federations and flags separate AI agent workstream

Cybersecurity and Infrastructure Security Agency (CISA) / National Institute of Standards and Technology (NIST) webinar · January 30, 2026

AI-Generated Content: All content on this page was generated by AI to highlight key points from the meeting. For complete details and context, we recommend watching the full video.

Summary

NISTIR 8587 stresses that revocation remains difficult in large distributed systems and recommends exploring IETF token status lists, OIDF shared signals and CAEP; panelists said AI agent authentication requires a separate, more detailed effort.

Panelists acknowledged token revocation is challenging in very large, distributed cloud environments and recommended emerging standards and shared signals as paths to improved revocation and compromise signaling.

Ryan Belluzzo told attendees the report recommends looking at IETF's token status list and OpenID Foundation shared signals specifications to enable systems to pull centralized or shared state and take action to revoke or limit compromised tokens. He said such standards are still maturing and that revocation capabilities vary across providers.

The panel also discussed how interconnected services might adopt shared signals to indicate account compromise or token revocation across a set of relying parties, and recommended exploring interoperability profiles and continuous access evaluation (CAEP) to enable coordinated responses.

On AI agents, speakers said agentic scenarios introduce additional challenges — delegation, binding an agent to a human for accountability, and scale of agentic actions — and the draft does not attempt to be an "agentic document." Ryan said NIST is tracking this area and indicated potential follow-up work such as a National Cybersecurity Center of Excellence project focused on agent management for authentication and authorization.

The presenters urged commenters to address revocation, monitoring and agentic scenarios in their submissions before the January 30 deadline.